3 matches found
CVE-2013-3585
CVE-2013-3585 involves Samsung Web Viewer for Samsung DVR devices, where credentials are stored in cleartext (CWE-313). The vulnerability allows context-dependent attackers to obtain sensitive credentials via direct file access or through the user-setup web page. Connected sources also reference ...
CVE-2013-3586
CVE-2013-3586 affects Samsung Web Viewer for Samsung DVR devices. The vulnerability is an authentication bypass in cookie handling where any SessionID after SessionID= is accepted, enabling remote unauthenticated access to internal pages (including cameras and admin areas) and potentially exposin...
CVE-2014-9266
Summary of CVE-2014-9266 (Samsung SmartViewer): The STWConfig ActiveX control in Samsung SmartViewer contains a flaw where a variable is not initialized before use, enabling remote code execution. According to ZDI-14-400, exploitation requires user interaction (target visits a malicious page or o...