Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
dvr vulnerabilities and exploits
(subscribe to this query)
765
VMScore
CVE-2013-3586
Samsung Web Viewer for Samsung DVR devices allows remote malicious users to bypass authentication via an arbitrary SessionID value in a cookie.
Samsung Smart Viewer -
Samsung Dvr -
1 EDB exploit
1000
VMScore
CVE-2007-6638
March Networks DVR 3204 stores sensitive information under the web root with insufficient access control, which allows remote malicious users to obtain usernames, passwords, device names, and IP addresses via a direct request for scripts/logfiles.tar.gz.
March Networks 3204 Dvr
1 EDB exploit
1 Github repository
785
VMScore
CVE-2008-4380
The web interface in Samsung DVR SHR2040 allows remote malicious users to cause a denial of service (crash) via a malformed HTTP request, related to the filter for configuration properties and "/x" characters.
Samsung Dvr Shr2040 B3.03e-k1.53-v2.19 0705281908
1 EDB exploit
383
VMScore
CVE-2014-8006
The Disaster Recovery (DRA) feature on the Cisco ISB8320-E High-Definition IP-Only DVR allows remote malicious users to bypass authentication by establishing a TELNET session during a recovery boot, aka Bug ID CSCup85422.
Cisco Isb8320-e High-definition Ip-only Dvr -
828
VMScore
CVE-2011-3828
DVRemoteAx.ax 2.1.0.39 in the DVR Remote ActiveX control allows remote malicious users to execute arbitrary code via a crafted DVRobot.dll file in a manifest directory on a web server.
Sunplus-tech Dvr Remote Activex Control 2.1.0.39
605
VMScore
CVE-2013-7487
On Swann DVR04B, DVR08B, DVR-16CIF, and DVR16B devices, raysharpdvr application has a vulnerable call to “system”, which allows remote malicious users to execute arbitrary code via TCP port 9000.
Swann Dvr04b Firmware -
Swann Dvr08b Firmware -
Swann Dvr-16cif Firmware -
Swann Dvr16b Firmware -
1000
VMScore
CVE-2003-0240
The web-based administration capability for various Axis Network Camera products allows remote malicious users to bypass access restrictions and modify configuration via an HTTP request to the admin/admin.shtml containing a leading // (double slash).
Axis 2110 Network Camera
Axis 2120 Network Camera
Axis 2100 Network Camera
Axis 250s Video Server
Axis 2130 Ptz Network Camera
Axis 2400 Video Server
Axis 2401 Video Server
Axis 2420 Network Camera
Axis 2460 Network Dvr
1 EDB exploit
357
VMScore
CVE-2020-11680
Castel NextGen DVR v1.0.0 is vulnerable to authorization bypass on all administrator functionality. The application fails to check that a request was submitted by an administrator. Consequently, a normal user can perform actions including, but not limited to, creating/modifying t...
Castel Nextgen Dvr Firmware 1.0.0
384
VMScore
CVE-2020-11682
Castel NextGen DVR v1.0.0 is vulnerable to CSRF in all state-changing request. A __RequestVerificationToken is set by the web interface, and included in requests sent by web interface. However, this token is not verified by the application: the token can be removed from all reque...
Castel Nextgen Dvr Firmware 1.0.0
357
VMScore
CVE-2020-11681
Castel NextGen DVR v1.0.0 stores and displays credentials for the associated SMTP server in cleartext. Low privileged users can exploit this to create an administrator user and obtain the SMTP credentials.
Castel Nextgen Dvr Firmware 1.0.0
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
path traversal
CVE-2024-33545
CVE-2024-35725
CVE-2024-32704
overflow
file upload
CVE-2024-0230
CVE-2024-32705
CVE-2024-23692
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
NEXT »