← Back

Cs Qr20 Firmware

cs-qr20_firmware

Vendor: Planex • 4 CVEs

CVEs (4)

CVE
VENDORS
PRODUCTS
UPDATED
PUBLISHED
CVSS
CVE-2024-45836
1Planex
5Cs Qr10 Firmware
Cs Qr20 FirmwareCs Qr220 Firmware+2 more
Mar 25, 2025
Sep 26, 2024
N/A· v4
6.1 MEDIUM· v3
N/A· v2
Cross-site scripting vulnerability exists in the web management page of PLANEX COMMUNICATIONS network cameras. If a logged-in user accesses a specific file, an arbitrary script may be executed on the web browser of the u...Show more
Cross-site scripting vulnerability exists in the web management page of PLANEX COMMUNICATIONS network cameras. If a logged-in user accesses a specific file, an arbitrary script may be executed on the web browser of the user.Show less
CVE-2022-38399
1Planex
2Cs Qr10 Firmware
Cs Qr20 Firmware
Nov 21, 2024
Sep 8, 2022
N/A· v4
6.8 MEDIUM· v3
N/A· v2
Missing protection mechanism for alternate hardware interface in SmaCam CS-QR10 all versions and SmaCam Night Vision CS-QR20 all versions allows an attacker to execute an arbitrary OS command by having the product connec...Show more
Missing protection mechanism for alternate hardware interface in SmaCam CS-QR10 all versions and SmaCam Night Vision CS-QR20 all versions allows an attacker to execute an arbitrary OS command by having the product connect to the product's specific serial connectionShow less
CVE-2017-12577
1Planex
2Cs Qr20 Firmware
Smacam Night Vision
Nov 21, 2024
Aug 24, 2018
N/A· v4
9.8 CRITICAL· v3
10.0 HIGH· v2
An issue was discovered on the PLANEX CS-QR20 1.30. A hardcoded account / password ("admin:password") is used in the Android application that allows attackers to use a hidden API URL "/goform/SystemCommand" to execute an...Show more
An issue was discovered on the PLANEX CS-QR20 1.30. A hardcoded account / password ("admin:password") is used in the Android application that allows attackers to use a hidden API URL "/goform/SystemCommand" to execute any command with root permission.Show less
CVE-2017-12576
1Planex
1Cs Qr20 Firmware
Nov 21, 2024
Aug 24, 2018
N/A· v4
7.2 HIGH· v3
9.0 HIGH· v2
An issue was discovered on the PLANEX CS-QR20 1.30. A hidden and undocumented management page allows an attacker to execute arbitrary code on the device when the user is authenticated. The management page was used for de...Show more
An issue was discovered on the PLANEX CS-QR20 1.30. A hidden and undocumented management page allows an attacker to execute arbitrary code on the device when the user is authenticated. The management page was used for debugging purposes, once you login and access the page directly (/admin/system_command.asp), you can execute any command.Show less