Vecaster-hd-h264 Firmware Security Vulnerabilities and Issues — Vecaster-hd-h264 Firmware CVE List

Lucene search

ProvideoinstrumentsVecaster-hd-h264 Firmware

4 matches found

CVE•added 2020/10/06 2:15 p.m.•92 views

CVE-2020-24217

An issue was discovered in the box application on HiSilicon based IPTV/H.264/H.265 video encoders. The file-upload endpoint does not enforce authentication. Attackers can send an unauthenticated HTTP request to upload a custom firmware component, possibly in conjunction with command injection, to a...

9.8CVSS9.8AI score0.6227EPSS

CVE•added 2020/10/06 1:15 p.m.•84 views

CVE-2020-24214

An issue was discovered in the box application on HiSilicon based IPTV/H.264/H.265 video encoders. Attackers can send a crafted unauthenticated RTSP request to cause a buffer overflow and application crash. The device will not be able to perform its main purpose of video encoding and streaming for ...

9.8CVSS9.5AI score0.29408EPSS

CVE•added 2020/10/06 1:15 p.m.•75 views

CVE-2020-24215

An issue was discovered in the box application on HiSilicon based IPTV/H.264/H.265 video encoders. Attackers can use hard-coded credentials in HTTP requests to perform any administrative task on the device including retrieving the device's configuration (with the cleartext admin password), and uplo...

9.8CVSS9.7AI score0.27624EPSS

CVE•added 2020/10/06 2:15 p.m.•42 views

CVE-2020-24216

An issue was discovered in the box application on HiSilicon based IPTV/H.264/H.265 video encoders. When the administrator configures a secret URL for RTSP streaming, the stream is still available via its default name such as /0. Unauthenticated attackers can view video streams that are meant to be ...

7.5CVSS7.8AI score0.00712EPSS