| Max CVSS | 10.0 | Min CVSS | 4.3 | Total Count | 2 |
| ID | CVSS | Summary | Last (major) update | Published | |
| CVE-2013-3687 | 7.8 |
AirLive POE2600HD, POE250HD, POE200HD, OD-325HD, OD-2025HD, OD-2060HD, POE100HD, and possibly other camera models use cleartext to store sensitive information, which allows attackers to obtain passwords, user names, and other sensitive information by
|
15-10-2013 - 14:20 | 11-10-2013 - 21:55 | |
| CVE-2013-3686 | 10.0 |
cgi-bin/operator/param in AirLive WL2600CAM and possibly other camera models allows remote attackers to obtain the administrator password via a list action.
|
15-10-2013 - 14:15 | 11-10-2013 - 21:55 | |
| CVE-2013-3543 | 8.8 |
The AXIS Media Control (AMC) ActiveX control (AxisMediaControlEmb.dll) 6.2.10.11 for AXIS network cameras allows remote attackers to create or overwrite arbitrary files via a file path to the (1) StartRecord, (2) SaveCurrentImage, or (3) StartRecordM
|
07-10-2013 - 16:17 | 04-10-2013 - 23:55 | |
| CVE-2013-3689 | 7.8 |
Brickcom FB-100Ap, WCB-100Ap, MD-100Ap, WFB-100Ap, OB-100Ae, OSD-040E, and possibly other camera models with firmware 3.0.6.16C1 and earlier, do not properly restrict access to configfile.dump, which allow remote attackers to obtain sensitive informa
|
07-10-2013 - 15:38 | 04-10-2013 - 23:55 | |
| CVE-2013-3541 | 7.8 |
Directory traversal vulnerability in cgi-bin/admin/fileread in AirLive WL2600CAM and possibly other camera models allows remote attackers to read arbitrary files via a .. (dot dot) in the READ.filePath parameter.
|
07-10-2013 - 15:38 | 04-10-2013 - 23:55 | |
| CVE-2013-3540 | 6.8 |
Cross-site request forgery (CSRF) vulnerability in cgi-bin/admin/usrgrp.cgi in AirLive POE2600HD, POE250HD, POE200HD, OD-325HD, OD-2025HD, OD-2060HD, POE100HD, and possibly other camera models allows remote attackers to hijack the authentication of a
|
07-10-2013 - 14:55 | 04-10-2013 - 23:55 | |
| CVE-2013-3688 | 7.1 |
The TP-Link IP Cameras TL-SC3171, TL-SC3130, TL-SC3130G, TL-SC3171G, and possibly other models before beta firmware LM.1.6.18P12_sign6, does not properly restrict access to certain administrative functions, which allows remote attackers to (1) cause
|
04-10-2013 - 16:43 | 01-10-2013 - 19:55 | |
| CVE-2013-3539 | 6.8 |
Cross-site request forgery (CSRF) vulnerability in the command/user.cgi in Sony SNC CH140, SNC CH180, SNC CH240, SNC CH280, SNC DH140, SNC DH140T, SNC DH180, SNC DH240, SNC DH240T, SNC DH280, and possibly other camera models allows remote attackers t
|
02-10-2013 - 19:26 | 01-10-2013 - 19:55 | |
| CVE-2013-3962 | 4.3 |
Cross-site scripting (XSS) vulnerability in Grandstream GXV3501, GXV3504, GXV3601, GXV3601HD/LL, GXV3611HD/LL, GXV3615W/P, GXV3651FHD, GXV3662HD, GXV3615WP_HD, GXV3500, and possibly other camera models before firmware 1.0.4.44, allows remote attacker
|
02-10-2013 - 17:28 | 01-10-2013 - 19:55 | |
| CVE-2013-3690 | 6.8 |
Cross-site request forgery (CSRF) vulnerability in cgi-bin/users.cgi in Brickcom FB-100Ap, WCB-100Ap, MD-100Ap, WFB-100Ap, OB-100Ae, OSD-040E, and possibly other camera models with firmware 3.1.0.8 and earlier, allows remote attackers to hijack the a
|
02-10-2013 - 17:21 | 01-10-2013 - 19:55 | |
| CVE-2013-3963 | 6.8 |
Cross-site request forgery (CSRF) vulnerability in goform/usermanage in Grandstream GXV3501, GXV3504, GXV3601, GXV3601HD/LL, GXV3611HD/LL, GXV3615W/P, GXV3651FHD, GXV3662HD, GXV3615WP_HD, GXV3500, and possibly other camera models allows remote attack
|
02-10-2013 - 17:14 | 01-10-2013 - 19:55 | |
| CVE-2013-3964 | 4.3 |
Cross-site scripting (XSS) vulnerability in Samsung SHR-5162, SHR-5082, and possibly other models, allows remote attackers to inject arbitrary web script or HTML via the PATH_INFO.
|
02-10-2013 - 17:10 | 01-10-2013 - 19:55 |