RSS   Vulnerabilities for 'Camera'   RSS

2019-09-18
 
CVE-2019-14458

CWE-20
 
 
VIVOTEK IP Camera devices with firmware before 0x20x allow a denial of service via a crafted HTTP header.

 
2019-09-10
 
CVE-2019-14457

CWE-120
 
 
VIVOTEK IP Camera devices with firmware before 0x20x have a stack-based buffer overflow via a crafted HTTP header.

 
 
CVE-2019-10256

CWE-287
 
 
An authentication bypass vulnerability in VIVOTEK IPCam versions prior to 0x13a was found.

 
2019-01-03
 
CVE-2018-18244

CWE-79
 
 
Cross-site scripting in syslog.html in VIVOTEK Network Camera Series products with firmware 0x06x to 0x08x allows remote attackers to execute arbitrary JavaScript code via an HTTP Referer Header.

 
 
CVE-2018-18005

CWE-79
 
 
Cross-site scripting in event_script.js in VIVOTEK Network Camera Series products with firmware 0x06x to 0x08x allows remote attackers to execute arbitrary JavaScript via a URL query string parameter.

 
 
CVE-2018-18004

CWE-425
 
 
Incorrect Access Control in mod_inetd.cgi in VIVOTEK Network Camera Series products with firmware before XXXXXX-VVTK-0X09a allows remote attackers to enable arbitrary system services via a URL parameter.

 
2018-09-05
 
CVE-2018-14771

CWE-77
 
 
VIVOTEK FD8177 devices before XXXXXX-VVTK-xx06a allow remote attackers to execute arbitrary code (issue 2 of 2) via eventscript.cgi.

 
 
CVE-2018-14770

CWE-77
 
 
VIVOTEK FD8177 devices before XXXXXX-VVTK-xx06a allow remote attackers to execute arbitrary code (issue 1 of 2) via the ONVIF interface, (/onvif/device_service).

 
 
CVE-2018-14769

CWE-352
 
 
VIVOTEK FD8177 devices before XXXXXX-VVTK-xx06a allow CSRF.

 
2018-08-29
 
CVE-2018-14768

CWE-77
 
 
Various VIVOTEK FD8*, FD9*, FE9*, IB8*, IB9*, IP9*, IZ9*, MS9*, SD9*, and other devices before XXXXXX-VVTK-xx06a allow remote attackers to execute arbitrary code.

 

Copyright 2024, cxsecurity.com

 

Back to Top