3 matches found
CVE-2015-8279
CVE-2015-8279 affects Samsung SRN-1670D Web Viewer 1.0.0.193, enabling remote arbitrary file read via an unspecified PHP script. Connected records link this to credential exposure through cslog_export.php?path=/root/php_modules/lighttpd/sbin/userpw, and to later modules describing chained access ...
CVE-2015-8281
CVE-2015-8281 affects Samsung SRN-1670D Web Viewer 1.0.0.193. The root cause is a weak, custom encryption scheme based on XOR operations, enabling a remote attacker to bypass filesystem encryption and access arbitrary files (unauthenticated, per the NVD CVSSv3/7.8 base). Connected sources also in...
CVE-2015-8280
CVE-2015-8280 affects Samsung SRN-1670D Web Viewer 1.0.0.193. The issue is information disclosure: remote attackers can discover credentials by reading detailed error messages, per NVD entry. Other sources (CERT/CC) indicate no practical solution known and note the model is no longer supported; n...