4 matches found
CVE-2020-13093
CVE-2020-13093 affects iSpyConnect.com Agent DVR, prior to version 2.7.1.0, exposing a path traversal vulnerability. The root cause is described as improper filtering of special path elements, enabling access to locations outside of a restricted directory. Impact details in the sources indicate p...
CVE-2024-22514
Summary: CVE-2024-22514 affects iSpyConnect.com Agent DVR 5.1.6.0, where restoring a crafted backup file enables arbitrary file execution (RCE) via manipulation of backup/restore handling, including edits to objects.xml to trigger commands with the program’s privileges. Related documents (exploit...
CVE-2024-22515
CVE-2024-22515 affects iSpyConnect Agent DVR 5.1.6.0 with an unrestricted file-upload in the audio upload component. Root cause per sources is lack of verification of the uploaded file type, enabling arbitrary file uploads. This vulnerability can lead to high impact on confidentiality, integrity,...
CVE-2025-63408
CVE-2025-63408 affects Local Agent DVR up to version 6.6.1.0. The vulnerability is a directory traversal that enables an unauthenticated local attacker to: (1) access sensitive information, (2) trigger a server-side forgery request (SSRF), and (3) execute operating system commands. The available ...