Zavio

CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS
CVE-2023-4249 1Zavio 11B8220 Firmware B8520 FirmwareCb3211 Firmware+8 more Nov 21, 2024 Nov 8, 2023 N/A· v4 9.8 CRITICAL· v3 N/A· v2 Zavio CF7500, CF7300, CF7201, CF7501, CB3211, CB3212, CB5220, CB6231, B8520, B8220, and CD321 IP Cameras with firmware version M2.1.6.05 has a command injection vulnerability in their implementation of their binar...Show more Zavio CF7500, CF7300, CF7201, CF7501, CB3211, CB3212, CB5220, CB6231, B8520, B8220, and CD321 IP Cameras with firmware version M2.1.6.05 has a command injection vulnerability in their implementation of their binaries and handling of network requests. Show less
CVE-2023-45225 1Zavio 11B8220 Firmware B8520 FirmwareCb3211 Firmware+8 more Nov 21, 2024 Nov 8, 2023 N/A· v4 9.8 CRITICAL· v3 N/A· v2 Zavio CF7500, CF7300, CF7201, CF7501, CB3211, CB3212, CB5220, CB6231, B8520, B8220, and CD321 IP Cameras with firmware version M2.1.6.05 are vulnerable to multiple instances of stack-based overflows. While parsing...Show more Zavio CF7500, CF7300, CF7201, CF7501, CB3211, CB3212, CB5220, CB6231, B8520, B8220, and CD321 IP Cameras with firmware version M2.1.6.05 are vulnerable to multiple instances of stack-based overflows. While parsing certain XML elements from incoming network requests, the product does not sufficiently check or validate allocated buffer size. This may lead to remote code execution. Show less
CVE-2023-43755 1Zavio 11B8220 Firmware B8520 FirmwareCb3211 Firmware+8 more Nov 21, 2024 Nov 8, 2023 N/A· v4 9.8 CRITICAL· v3 N/A· v2 Zavio CF7500, CF7300, CF7201, CF7501, CB3211, CB3212, CB5220, CB6231, B8520, B8220, and CD321 IP Cameras with firmware version M2.1.6.05 are vulnerable to multiple instances of stack-based overflows. During the pr...Show more Zavio CF7500, CF7300, CF7201, CF7501, CB3211, CB3212, CB5220, CB6231, B8520, B8220, and CD321 IP Cameras with firmware version M2.1.6.05 are vulnerable to multiple instances of stack-based overflows. During the processing and parsing of certain fields in XML elements from incoming network requests, the product does not sufficiently check or validate allocated buffer size. This may lead to remote code execution. Show less
CVE-2023-3959 1Zavio 11B8220 Firmware B8520 FirmwareCb3211 Firmware+8 more Nov 21, 2024 Nov 8, 2023 N/A· v4 9.8 CRITICAL· v3 N/A· v2 Zavio CF7500, CF7300, CF7201, CF7501, CB3211, CB3212, CB5220, CB6231, B8520, B8220, and CD321 IP Cameras with firmware version M2.1.6.05 are vulnerable to multiple instances of stack-based overflows. While processi...Show more Zavio CF7500, CF7300, CF7201, CF7501, CB3211, CB3212, CB5220, CB6231, B8520, B8220, and CD321 IP Cameras with firmware version M2.1.6.05 are vulnerable to multiple instances of stack-based overflows. While processing XML elements from incoming network requests, the product does not sufficiently check or validate allocated buffer size. This may lead to remote code execution. Show less
CVE-2023-39435 1Zavio 11B8220 Firmware B8520 FirmwareCb3211 Firmware+8 more Nov 21, 2024 Nov 8, 2023 N/A· v4 9.8 CRITICAL· v3 N/A· v2 Zavio CF7500, CF7300, CF7201, CF7501, CB3211, CB3212, CB5220, CB6231, B8520, B8220, and CD321 IP Cameras with firmware version M2.1.6.05 are vulnerable to stack-based overflows. During the process of updating certai...Show more Zavio CF7500, CF7300, CF7201, CF7501, CB3211, CB3212, CB5220, CB6231, B8520, B8220, and CD321 IP Cameras with firmware version M2.1.6.05 are vulnerable to stack-based overflows. During the process of updating certain settings sent from incoming network requests, the product does not sufficiently check or validate allocated buffer size. This may lead to remote code execution. Show less
CVE-2013-2570 1Zavio 2F3105 Firmware F312a Firmware Nov 21, 2024 Jan 29, 2020 N/A· v4 9.8 CRITICAL· v3 7.5 HIGH· v2 A Command Injection vulnerability exists in Zavio IP Cameras through 1.6.3 in the General.Time.NTP.Server parameter to the sub_C8C8 function of the binary /opt/cgi/view/param, which could let a remove malicious user exec...Show more A Command Injection vulnerability exists in Zavio IP Cameras through 1.6.3 in the General.Time.NTP.Server parameter to the sub_C8C8 function of the binary /opt/cgi/view/param, which could let a remove malicious user execute arbitrary code.Show less
CVE-2013-2569 1Zavio 2F3105 Firmware F312a Firmware Nov 21, 2024 Jan 29, 2020 N/A· v4 7.5 HIGH· v3 5.0 MEDIUM· v2 A Security Bypass vulnerability exists in Zavio IP Cameras through 1.6.3 because the RTSP protocol authentication is disabled by default, which could let a malicious user obtain unauthorized access to the live video stre...Show more A Security Bypass vulnerability exists in Zavio IP Cameras through 1.6.3 because the RTSP protocol authentication is disabled by default, which could let a malicious user obtain unauthorized access to the live video stream.Show less
CVE-2013-2568 1Zavio 2F3105 Firmware F312a Firmware Nov 21, 2024 Jan 29, 2020 N/A· v4 9.8 CRITICAL· v3 10.0 HIGH· v2 A Command Injection vulnerability exists in Zavio IP Cameras through 1.6.3 via the ap parameter to /cgi-bin/mft/wireless_mft.cgi, which could let a remote malicious user execute arbitrary code.
CVE-2013-2567 1Zavio 2F3105 Firmware F312a Firmware Nov 21, 2024 Jan 29, 2020 N/A· v4 7.5 HIGH· v3 5.0 MEDIUM· v2 An Authentication Bypass vulnerability exists in the web interface in Zavio IP Cameras through 1.6.03 due to a hardcoded admin account found in boa.conf, which lets a remote malicious user obtain sensitive information.