5 matches found
CVE-2018-17559
The CVE-2018-17559 entry affects ABUS TVIP cameras, with the root cause described as incorrect access control. The vulnerability allows unauthenticated remote attackers to view the /video.mjpg live stream from certain cameras. Documented risk impact includes confidentiality loss (C:H) without imp...
CVE-2018-17878
CVE-2018-17878 is a buffer overflow vulnerability in ABUS TVIP cameras. The issue arises from using the C sprintf() function on crafted input, enabling an attacker to potentially gain control of the program. The initial CVE description confirms the vulnerability vector and impact as stated, with ...
CVE-2018-17879
The CVE-2018-17879 vulnerability affects ABUS TVIP cameras, where CGI scripts allow remote execution of code as root via system() with multiple injection points. Public sources (NVD, Red Hat, CVE listings) confirm this remote, unauthenticated-like capability with high impact across confidentialit...
CVE-2018-16739
The CVE-2018-16739 vulnerability affects ABUS TVIP devices due to a path traversal in the /opt/cgi/admin/filewrite endpoint. The issue allows an attacker to write arbitrary files and execute code with root privileges, as indicated by the described impact (root, high confidentiality/availability/i...
CVE-2018-17558
The CVE-2018-17558 issue affects ABUS TVIP cameras (list includes TVIP20050 LM.1.6.18, TVIP10051 LM.1.6.18, TVIP11050 MG.1.6.03.05, TVIP20550 LM.1.6.18, TVIP10050 LM.1.6.18, TVIP11550 MG.1.6.03, TVIP21050 MG.1.6.03, TVIP51550 MG.1.6.03) where hardcoded manufacturer credentials and an OS command i...