Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
dvr vulnerabilities and exploits
(subscribe to this query)
10
CVSSv2
CVE-2007-6638
March Networks DVR 3204 stores sensitive information under the web root with insufficient access control, which allows remote malicious users to obtain usernames, passwords, device names, and IP addresses via a direct request for scripts/logfiles.tar.gz.
March Networks 3204 Dvr
1 EDB exploit
1 Github repository
7.6
CVSSv2
CVE-2013-3586
Samsung Web Viewer for Samsung DVR devices allows remote malicious users to bypass authentication via an arbitrary SessionID value in a cookie.
Samsung Smart Viewer -
Samsung Dvr -
1 EDB exploit
7.8
CVSSv2
CVE-2008-4380
The web interface in Samsung DVR SHR2040 allows remote malicious users to cause a denial of service (crash) via a malformed HTTP request, related to the filter for configuration properties and "/x" characters.
Samsung Dvr Shr2040 B3.03e-k1.53-v2.19 0705281908
1 EDB exploit
4.3
CVSSv2
CVE-2014-8006
The Disaster Recovery (DRA) feature on the Cisco ISB8320-E High-Definition IP-Only DVR allows remote malicious users to bypass authentication by establishing a TELNET session during a recovery boot, aka Bug ID CSCup85422.
Cisco Isb8320-e High-definition Ip-only Dvr -
9.3
CVSSv2
CVE-2011-3828
DVRemoteAx.ax 2.1.0.39 in the DVR Remote ActiveX control allows remote malicious users to execute arbitrary code via a crafted DVRobot.dll file in a manifest directory on a web server.
Sunplus-tech Dvr Remote Activex Control 2.1.0.39
6.8
CVSSv2
CVE-2013-7487
On Swann DVR04B, DVR08B, DVR-16CIF, and DVR16B devices, raysharpdvr application has a vulnerable call to “system”, which allows remote malicious users to execute arbitrary code via TCP port 9000.
Swann Dvr04b Firmware -
Swann Dvr08b Firmware -
Swann Dvr-16cif Firmware -
Swann Dvr16b Firmware -
10
CVSSv2
CVE-2003-0240
The web-based administration capability for various Axis Network Camera products allows remote malicious users to bypass access restrictions and modify configuration via an HTTP request to the admin/admin.shtml containing a leading // (double slash).
Axis 2110 Network Camera
Axis 2120 Network Camera
Axis 2100 Network Camera
Axis 250s Video Server
Axis 2130 Ptz Network Camera
Axis 2400 Video Server
Axis 2401 Video Server
Axis 2420 Network Camera
Axis 2460 Network Dvr
1 EDB exploit
6.5
CVSSv2
CVE-2020-11679
Castel NextGen DVR v1.0.0 is vulnerable to privilege escalation through the Adminstrator/Users/Edit/:UserId functionality. Adminstrator/Users/Edit/:UserId fails to check that the request was submitted by an Administrator. This allows a normal user to escalate their privileges by ...
Castel Nextgen Dvr Firmware 1.0.0
4
CVSSv2
CVE-2020-11680
Castel NextGen DVR v1.0.0 is vulnerable to authorization bypass on all administrator functionality. The application fails to check that a request was submitted by an administrator. Consequently, a normal user can perform actions including, but not limited to, creating/modifying t...
Castel Nextgen Dvr Firmware 1.0.0
4
CVSSv2
CVE-2020-11681
Castel NextGen DVR v1.0.0 stores and displays credentials for the associated SMTP server in cleartext. Low privileged users can exploit this to create an administrator user and obtain the SMTP credentials.
Castel Nextgen Dvr Firmware 1.0.0
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
inject
CVE-2024-34001
CVE-2024-37018
LFI
CVE-2024-1275
CVE-2024-1086
CSRF
CVE-2024-31030
CVE-2024-24919
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
NEXT »