F312a Firmware

f312a_firmware

Vendor: Zavio • 4 CVEs

CVEs (4)

CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS
CVE-2013-2570 1Zavio 2F3105 Firmware F312a Firmware Nov 21, 2024 Jan 29, 2020 N/A· v4 9.8 CRITICAL· v3 7.5 HIGH· v2 A Command Injection vulnerability exists in Zavio IP Cameras through 1.6.3 in the General.Time.NTP.Server parameter to the sub_C8C8 function of the binary /opt/cgi/view/param, which could let a remove malicious user exec...Show more A Command Injection vulnerability exists in Zavio IP Cameras through 1.6.3 in the General.Time.NTP.Server parameter to the sub_C8C8 function of the binary /opt/cgi/view/param, which could let a remove malicious user execute arbitrary code.Show less
CVE-2013-2569 1Zavio 2F3105 Firmware F312a Firmware Nov 21, 2024 Jan 29, 2020 N/A· v4 7.5 HIGH· v3 5.0 MEDIUM· v2 A Security Bypass vulnerability exists in Zavio IP Cameras through 1.6.3 because the RTSP protocol authentication is disabled by default, which could let a malicious user obtain unauthorized access to the live video stre...Show more A Security Bypass vulnerability exists in Zavio IP Cameras through 1.6.3 because the RTSP protocol authentication is disabled by default, which could let a malicious user obtain unauthorized access to the live video stream.Show less
CVE-2013-2568 1Zavio 2F3105 Firmware F312a Firmware Nov 21, 2024 Jan 29, 2020 N/A· v4 9.8 CRITICAL· v3 10.0 HIGH· v2 A Command Injection vulnerability exists in Zavio IP Cameras through 1.6.3 via the ap parameter to /cgi-bin/mft/wireless_mft.cgi, which could let a remote malicious user execute arbitrary code.
CVE-2013-2567 1Zavio 2F3105 Firmware F312a Firmware Nov 21, 2024 Jan 29, 2020 N/A· v4 7.5 HIGH· v3 5.0 MEDIUM· v2 An Authentication Bypass vulnerability exists in the web interface in Zavio IP Cameras through 1.6.03 due to a hardcoded admin account found in boa.conf, which lets a remote malicious user obtain sensitive information.