Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
ip camera firmware vulnerabilities and exploits
(subscribe to this query)
7.5
CVSSv2
CVE-2019-14457
VIVOTEK IP Camera devices with firmware prior to 0x20x have a stack-based buffer overflow via a crafted HTTP header.
Vivotek Camera -
5
CVSSv2
CVE-2013-2567
An Authentication Bypass vulnerability exists in the web interface in Zavio IP Cameras up to and including 1.6.03 due to a hardcoded admin account found in boa.conf, which lets a remote malicious user obtain sensitive information.
Zavio F3105 Firmware
Zavio F312a Firmware
1 EDB exploit
10
CVSSv2
CVE-2013-2568
A Command Injection vulnerability exists in Zavio IP Cameras up to and including 1.6.3 via the ap parameter to /cgi-bin/mft/wireless_mft.cgi, which could let a remote malicious user execute arbitrary code.
Zavio F3105 Firmware
Zavio F312a Firmware
1 EDB exploit
5
CVSSv2
CVE-2013-2569
A Security Bypass vulnerability exists in Zavio IP Cameras up to and including 1.6.3 because the RTSP protocol authentication is disabled by default, which could let a malicious user obtain unauthorized access to the live video stream.
Zavio F3105 Firmware
Zavio F312a Firmware
1 EDB exploit
7.5
CVSSv2
CVE-2013-2570
A Command Injection vulnerability exists in Zavio IP Cameras up to and including 1.6.3 in the General.Time.NTP.Server parameter to the sub_C8C8 function of the binary /opt/cgi/view/param, which could let a remove malicious user execute arbitrary code.
Zavio F3105 Firmware
Zavio F312a Firmware
1 EDB exploit
NA
CVE-2022-23382
Shenzhen Hichip Vision Technology IP Camera Firmware V11.4.8.1.1-20170926 has a denial of service vulnerability through sending a crafted multicast message in a local network.
Hichip Shenzhen Hichip Vision Technology Firmware 11.4.8.1.1-20170926
5
CVSSv2
CVE-2013-2572
A Security Bypass vulnerability exists in TP-LINK IP Cameras TL-SC 3130, TL-SC 3130G, 3171G, 4171G, and 3130 1.6.18P12 due to default hard-coded credentials for the administrative Web interface, which could let a malicious user obtain unauthorized access to CGI files.
Tp-link Tl-sc 3130 Firmware
Tp-link Tl-sc 3130g Firmware
Tp-link Tl-sc 3171g Firmware
Tp-link Tl-sc 4171g Firmware
1 EDB exploit
10
CVSSv2
CVE-2013-2573
A Command Injection vulnerability exists in the ap parameter to the /cgi-bin/mft/wireless_mft.cgi file in TP-Link IP Cameras TL-SC 3130, TL-SC 3130G, 3171G. and 4171G 1.6.18P12s, which could let a malicious user execute arbitrary code.
Tp-link Tl-sc 3130g Firmware
Tp-link Tl-sc 3171g Firmware
Tp-link Tl-sc 4171g Firmware
1 EDB exploit
10
CVSSv2
CVE-2015-8286
Zhuhai RaySharp firmware has a hardcoded root password, which makes it easier for remote malicious users to obtain access via a session on TCP port 23 or 9000.
Zhuhai Raysharp Firmware
NA
CVE-2013-25703
Core Security Technologies Advisory - Zavio IP cameras based on firmware versions 1.6.03 and below suffer from bypass, hard-coded credential, and arbitrary command execution vulnerabilities.
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2020-4463
CVE-2024-29895
inject
CVE-2023-52689
CVE-2024-5049
CVE-2024-5051
privilege escalation
physical
CVE-2023-52676
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
NEXT »