CVEs (5)
CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS |
|---|
1Abus 47Tvip 10000 Firmware Tvip 10001 FirmwareTvip 10005 Firmware+44 moreNov 21, 2024 Oct 26, 2023 N/A· v4 9.8 CRITICAL· v3 N/A· v2 An issue was discovered on certain ABUS TVIP cameras. The CGI scripts allow remote attackers to execute code via system() as root. There are several injection points in various scripts. |
1Abus 47Tvip 10000 Firmware Tvip 10001 FirmwareTvip 10005 Firmware+44 moreNov 21, 2024 Oct 26, 2023 N/A· v4 9.8 CRITICAL· v3 N/A· v2 Buffer Overflow vulnerability in certain ABUS TVIP cameras allows attackers to gain control of the program via crafted string sent to sprintf() function. |
1Abus 47Tvip 10000 Firmware Tvip 10001 FirmwareTvip 10005 Firmware+44 moreNov 21, 2024 Oct 26, 2023 N/A· v4 7.5 HIGH· v3 N/A· v2 Due to incorrect access control, unauthenticated remote attackers can view the /video.mjpg video stream of certain ABUS TVIP cameras. |
1Abus 47Tvip 10000 Firmware Tvip 10001 FirmwareTvip 10005 Firmware+44 moreNov 21, 2024 Oct 26, 2023 N/A· v4 9.8 CRITICAL· v3 N/A· v2 Hardcoded manufacturer credentials and an OS command injection vulnerability in the /cgi-bin/mft/ directory on ABUS TVIP TVIP20050 LM.1.6.18, TVIP10051 LM.1.6.18, TVIP11050 MG.1.6.03.05, TVIP20550 LM.1.6.18, TVIP10050 LM...Show more |
1Abus 47Tvip 10000 Firmware Tvip 10001 FirmwareTvip 10005 Firmware+44 moreNov 21, 2024 Oct 26, 2023 N/A· v4 8.8 HIGH· v3 N/A· v2 An issue was discovered on certain ABUS TVIP devices. Due to a path traversal in /opt/cgi/admin/filewrite, an attacker can write to files, and thus execute code arbitrarily with root privileges. |