Reolink E1 Zoom Camera versions 3.0.0.716 and below suffer from a private key disclosure vulnerability.
6a0bd039c1f58f660697b01a27d1512dbd2ffb57a9229991176f80a78cd66c64Debian Linux Security Advisory 2559-1 - Several vulnerabilities were found in libexif, a library used to parse EXIF meta-data on camera files.
c8bf62536ad8e1aa054b95d4326eede5318456337e927cddf2983c064b9c88b3Secunia Security Advisory - A vulnerability has been reported in Foscam IP Cameras, which can be exploited by malicious people to bypass certain security restrictions.
b792a1bae5aa22b8e95b0712608653e11183d6ccca6cf79226ca438b7bb3534eSecunia Security Advisory - A vulnerability has been reported in Wansview IP Cameras, which can be exploited by malicious people to bypass certain security restrictions.
d7cdad5049f36135c0f490e867d90f1ba89e0e94e2dbba0cb1d044b87de6ae38This Metasploit module exploits a vulnerability found in Cisco Linksys PlayerPT 1.0.0.15 as the installed with the web interface of Cisco Linksys WVC200 Wireless-G PTZ Internet Video Camera. The vulnerability, due to the insecure usage of sprintf in the SetSource method, when handling a specially crafted sURL argument, allows to trigger a stack based buffer overflow which leads to code execution under the context of the user visiting a malicious web page.
5a88ff9a13dc712f648150200591ec804a09cb0631600c4db7449f3c17604a4bThis Metasploit module exploits a vulnerability found in Cisco Linksys PlayerPT 1.0.0.15 as the installed with the web interface of Cisco Linksys WVC200 Wireless-G PTZ Internet Video Camera. The vulnerability, due to the insecure usage of sprintf in the SetSource method, allows to trigger a stack based buffer overflow which leads to code execution under the context of the user visiting a malicious web page.
2dfadd85c9c6ae2a3b6dbc4fd0a0377aac24947c5d90300dbf9bd50e9aa7ebe9Vivotek Cameras suffer from a configuration disclosure vulnerability that leaks password information.
d058e2a1787927c136f919f18b911e8101c71269a4d32b051967630ea19ce337Secunia Security Advisory - A vulnerability has been reported in Edimax IC-3030iWn Network Camera, which can be exploited by malicious people to disclose sensitive information.
f4cd0de086ff9f40c210133d0848e3f36873522b32307d11c836b710be647608The ACTi Web Configurator 3.0 for ACTi IP Surveillance Cameras contains a directory traversal vulnerability within the cgi-bin directory. An unauthenticated remote attacker can use this vulnerability to retrieve arbitrary files that are located outside the root of the web server.
cd526d96e19262e3b3c0e25617019f84a594ac02d555f92b3a0491802618f9b0This Metasploit module exploits a vulnerability found in TRENDnet SecurView Internet Camera's ActiveX control. By supplying a long string of data as the sFilter argument of the OpenFileDlg() function, it is possible to trigger a buffer overflow condition due to WideCharToMultiByte (which converts unicode back to) overwriting the stack more than it should, which results arbitrary code execution under the context of the user.
dbd0c9ab83279260de0fbf18041f491375843cf365e6a1c3874208c117b871efSecunia Security Advisory - Andrea Micalizzi has discovered a vulnerability in Camera Stream Client ActiveX Control, which can be exploited by malicious people to compromise a user's system.
0f4504cc49e35bf338bc479bad45e5714cbb5312754432f200fd859dc09d41e8The TRENDnet SecurView TV-IP121WN wireless internet camera UltraMJCam active-x control suffers from an OpenFileDlg() WideCharToMultiByte remote buffer overflow. Proof of concept code included.
a1448bcd0d8740d3db37283f486bc15f2158a7b7818ccafbfc0569b5d3cb8984Cisco Linksys WVC200 Wireless-G PTZ Internet Video Camera PlayerPT active-x control (PlayerPT.ocx) suffers from a sprintf buffer overflow vulnerability. Version 1.0.0.15 is affected.
3933dd1431da4c063e62908b6d60cf61accefadfda1561e952bfa4c9d5163a86Secunia Security Advisory - Matt Metzger has reported a vulnerability in Axis M10 Series Network Cameras, which can be exploited by malicious people to conduct cross-site scripting attacks.
8924d27eaa8b664dfa3d35ef9488347980434b3e3be841dc0bdf3a76797f3222Secunia Security Advisory - A vulnerability has been reported in Cisco Video Surveillance IP Cameras, which can be exploited by malicious people to cause a DoS (Denial of Service).
3359e7ca246fe2d995d3426096d761ee2e4ae318f307f38698415211eae2b9c5Secunia Security Advisory - A vulnerability has been reported in multiple Cisco Video Surveillance IP Cameras, which can be exploited by malicious people to cause a DoS (Denial of Service).
a3ed0db8227d96eb9746aaf40f199858f615dcc283e2e6781783b15e77f62478Cisco Security Advisory - A denial of service (DoS) vulnerability exists in the Cisco Video Surveillance IP Cameras 2421, 2500 series and 2600 series of devices. An unauthenticated, remote attacker could exploit this vulnerability by sending crafted RTSP TCP packets to an affected device. Successful exploitation prevents cameras from sending video streams, subsequently causing a reboot. The camera reboot is done automatically and does not require action from an operator. There are no workarounds available to mitigate exploitation of this vulnerability that can be applied on the Cisco Video Surveillance IP Cameras. Mitigations that can be deployed on Cisco devices within the network are available.
90d5db5f360bea70d066f68d948ac86a0da38099919bc817eed564bf311599c8ZoneMinder is a suite of applications intended for use in video camera security applications, including theft prevention and child or family member monitoring. It supports capture, analysis, recording, and monitoring of video data coming from one or more cameras attached to a Linux system. It also features a user-friendly Web interface which allows viewing, archival, review, and deletion of images and movies captured by the cameras. The image analysis system is highly configurable, permitting retention of specific events, while eliminating false positives. ZoneMinder supports both directly connected and network cameras and is built around the definition of a set of individual 'zones' of varying sensitivity and functionality for each camera. This allows the elimination of regions which should be ignored or the definition of areas which will alarm if various thresholds are exceeded in conjunction with other zones. All management, control, and other functions are supported through the Web interface.
ec63ef47d8f4cb8af21a3bc84ff1de6968805146682dd7f10982bde975d9bb5dA corrupt Canon Camera RAW file (.CR2) can cause a crash in the RawCamera library. This affects viewing files in both the Preview.app application or via Quick Look. Mac OS X 10.6.6 with RawCamera.bundle versions prior to 3.6 are affected.
bfa974140fd1bf14906e974ca1afd9e9e4884f61c2b178a9aa19ede528e993e7Secunia Security Advisory - A security issue has been reported in Digicom IP CAMERA 100W, which can be exploited by malicious people to bypass certain security restrictions.
91d95bb3adba83a97264b94731cd7053d4be0fa5911392077d150a19352cf7f7IP Cameras such as TRENDnet, Digicom, and iPUX all share a firmware that suffers from undocumented user, command injection, hidden telnet service, and various other vulnerabilities.
2e13035b1da24232cad2b5abbce7c0d6968fb792c214dcbcbecba7542a6aaf4bSecunia Security Advisory - A vulnerability has been reported in Rosewill RXS-3211 IP Camera, which can be exploited by malicious people to disclose sensitive information.
bd8011db62abfb7901f7c841a25077c1c49c6bc68c4cc92525bd2ae481e8a52dZoneMinder is a suite of applications intended for use in video camera security applications, including theft prevention and child or family member monitoring. It supports capture, analysis, recording, and monitoring of video data coming from one or more cameras attached to a Linux system. It also features a user-friendly Web interface which allows viewing, archival, review, and deletion of images and movies captured by the cameras. The image analysis system is highly configurable, permitting retention of specific events, while eliminating false positives. ZoneMinder supports both directly connected and network cameras and is built around the definition of a set of individual 'zones' of varying sensitivity and functionality for each camera. This allows the elimination of regions which should be ignored or the definition of areas which will alarm if various thresholds are exceeded in conjunction with other zones. All management, control, and other functions are supported through the Web interface.
63cd333011cdd550c0a27631a8353e140b57da531c51c13539a22cf06043130bThe RXS-3211 IP camera suffers a remote password disclosure vulnerability. Three proof of concepts included.
7a9fa6381cb300874d71bdda164f95ddfe8413953deed572858f6cc994849a74ZoneMinder is a suite of applications intended for use in video camera security applications, including theft prevention and child or family member monitoring. It supports capture, analysis, recording, and monitoring of video data coming from one or more cameras attached to a Linux system. It also features a user-friendly Web interface which allows viewing, archival, review, and deletion of images and movies captured by the cameras. The image analysis system is highly configurable, permitting retention of specific events, while eliminating false positives. ZoneMinder supports both directly connected and network cameras and is built around the definition of a set of individual 'zones' of varying sensitivity and functionality for each camera. This allows the elimination of regions which should be ignored or the definition of areas which will alarm if various thresholds are exceeded in conjunction with other zones. All management, control, and other functions are supported through the Web interface.
fa766fe30723a4ead11423eaaadb48810a1c500231d02e5f06181a0e9f4ab51aPaul Harrington of NGS Secure has discovered a high risk vulnerability in Mac OS X Image RAW. Multiple buffer overflow issues existed in Image RAW's handling of Canon RAW images. Viewing a maliciously crafted Canon RAW image may result in an unexpected application termination or arbitrary code execution. Versions affected include Mac OS X 10.6 through 10.6.6, Mac OS X Server 10.6 through 10.6.6 with RawCamera.bundle versions prior to 3.6.
fc0b316cf82ddc0ac592117f4d7ddb4c7b690bf50443ed7dbdc636202f42012d
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed