Lucene search
K
MilesightIp Security Camera Firmware

5 matches found

CVE
CVE
added 2019/10/25 12:45 p.m.51 views

CVE-2016-2360

Milesight IP security cameras (through 2016-11-14) have a default root password in /etc/shadow that is the same across different customers’ installations. Connected records corroborate this issue across multiple sources (Red Hat, CNVD, CVE databases) and describe the credential issue as a default...

9.8CVSS9.4AI score0.02064EPSS
CVE
CVE
added 2019/10/25 12:46 p.m.46 views

CVE-2016-2357

Milesight IP security cameras (up to 2016-11-14) contain a hardcoded SSL private key stored in the /etc/config directory. The root cause is a hardcoded SSL private key, leading to potential compromise of confidentiality, integrity, and availability of TLS communications. The provided documents do...

9.8CVSS9.3AI score0.02064EPSS
CVE
CVE
added 2019/10/25 12:46 p.m.44 views

CVE-2016-2356

CVE-2016-2356 affects Milesight IP security cameras (through 2016-11-14). The vulnerability is a buffer overflow in the web application triggered by a long username or password, reported consistently across NVD/Red Hat/CNVD entries. Impact details in sources indicate potential memory corruption; ...

9.8CVSS9.6AI score0.03206EPSS
CVE
CVE
added 2019/10/25 12:46 p.m.42 views

CVE-2016-2358

CVE-2016-2358 affects Milesight IP security cameras up to 2016-11-14, which ship with a default set of 10 privileged accounts using hardcoded credentials. If the customer has not configured 10 actual user accounts, these default accounts remain accessible, enabling potential unauthorized access.

9.8CVSS9.2AI score0.02064EPSS
CVE
CVE
added 2019/10/25 12:46 p.m.41 views

CVE-2016-2359

CVE-2016-2359 concerns Milesight IP security cameras. The linked Red Hat/CNVD/OpenVAS entries describe an authentication bypass vulnerability that allows remote attackers to access protected resources by issuing a request for the unprotected vb.htm resource, affecting devices up to 2016-11-14. Th...

9.8CVSS9.6AI score0.03098EPSS