Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
ip security camera firmware vulnerabilities and exploits
(subscribe to this query)
1000
VMScore
CVE-2013-2573
A Command Injection vulnerability exists in the ap parameter to the /cgi-bin/mft/wireless_mft.cgi file in TP-Link IP Cameras TL-SC 3130, TL-SC 3130G, 3171G. and 4171G 1.6.18P12s, which could let a malicious user execute arbitrary code.
Tp-link Tl-sc 3130g Firmware
Tp-link Tl-sc 3171g Firmware
Tp-link Tl-sc 4171g Firmware
1 EDB exploit
1000
VMScore
CVE-2013-2568
A Command Injection vulnerability exists in Zavio IP Cameras up to and including 1.6.3 via the ap parameter to /cgi-bin/mft/wireless_mft.cgi, which could let a remote malicious user execute arbitrary code.
Zavio F3105 Firmware
Zavio F312a Firmware
1 EDB exploit
1000
VMScore
CVE-2014-1849
Foscam IP camera 11.37.2.49 and other versions, when using the Foscam DynDNS option, generates credentials based on predictable camera subdomain names, which allows remote malicious users to spoof or hijack arbitrary cameras and conduct other attacks by modifying arbitrary camera...
Foscam Ip Camera Firmware 11.37.2.49
1 EDB exploit
1000
VMScore
CVE-2013-4977
Buffer overflow in the RTSP Packet Handler in Hikvision DS-2CD7153-E IP camera with firmware 4.1.0 b130111 (Jan 2013), and possibly other devices, allows remote malicious users to cause a denial of service (device crash and reboot) and possibly execute arbitrary code via a long s...
Hikvision Ds-2cd7153-e Firmware 4.1.0 B130111
Hikvision Ds-2cd7153-e -
1 EDB exploit
1 Article
905
VMScore
CVE-2013-1598
A Command Injection vulnerability exists in Vivotek PT7135 IP Cameras 0300a and 0400a via the system.ntp parameter to the farseer.out binary file, which cold let a malicious user execute arbitrary code.
Vivotek Pt7135 Firmware 0300a
Vivotek Pt7135 Firmware 0400a
1 EDB exploit
890
VMScore
CVE-2016-6535
AVer Information EH6108H+ devices with firmware X9.03.24.00.07l have hardcoded accounts, which allows remote malicious users to obtain root access by leveraging knowledge of the credentials and establishing a TELNET session.
Aver Eh6108h\\+ Firmware X9.03.24.00.07l
890
VMScore
CVE-2016-6536
The /setup URI on AVer Information EH6108H+ devices with firmware X9.03.24.00.07l allows remote malicious users to bypass intended page-access restrictions or modify passwords by leveraging knowledge of a handle parameter value.
Aver Eh6108h\\+ Firmware
890
VMScore
CVE-2015-8286
Zhuhai RaySharp firmware has a hardcoded root password, which makes it easier for remote malicious users to obtain access via a session on TCP port 23 or 9000.
Zhuhai Raysharp Firmware
755
VMScore
CVE-2013-2570
A Command Injection vulnerability exists in Zavio IP Cameras up to and including 1.6.3 in the General.Time.NTP.Server parameter to the sub_C8C8 function of the binary /opt/cgi/view/param, which could let a remove malicious user execute arbitrary code.
Zavio F3105 Firmware
Zavio F312a Firmware
1 EDB exploit
755
VMScore
CVE-2013-1595
A Buffer Overflow vulnerability exists in Vivotek PT7135 IP Camera 0300a and 0400a via a specially crafted packet in the Authorization header field sent to the RTSP service, which could let a remote malicious user execute arbitrary code or cause a Denial of Service.
Vivotek Pt7135 Firmware 0300a
Vivotek Pt7135 Firmware 0400a
1 EDB exploit
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
validation
CVE-2012-1823
malicious code
CVE-2024-5770
CVE-2023-45866
CVE-2024-35687
local users
CVE-2024-31246
CVE-2024-35730
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
NEXT »