Vulnerabilities (CVE)

Vendor filter

Sv3c Subscribe

Filter

7 total CVE
CVE Vendors Products Updated CVSS
CVE-2018-12674 1 Sv3c 1 H.264 Poe Ip Camera Firmware 2019-01-11 2.9
The SV3C HD Camera (L-SERIES V2.3.4.2103-S50-NTD-B20170508B and V2.3.4.2103-S50-NTD-B20170823B) stores the username and password within the cookies of a session. If an attacker gained access to these session cookies, it would be possible to gain...
CVE-2018-12675 1 Sv3c 1 H.264 Poe Ip Camera Firmware 2019-01-11 5.8
The SV3C HD Camera (L-SERIES V2.3.4.2103-S50-NTD-B20170508B and V2.3.4.2103-S50-NTD-B20170823B) does not perform origin checks on URLs that the camera's web interface redirects a user to. This can be leveraged to send a user to an unexpected endpoint.
CVE-2018-12671 1 Sv3c 1 H.264 Poe Ip Camera Firmware 2019-01-11 5.0
An attacker with remote access to the SV3C HD Camera (L-SERIES V2.3.4.2103-S50-NTD-B20170508B and V2.3.4.2103-S50-NTD-B20170823B) web interface can disclose information about the camera including all password sets set within the camera. This...
CVE-2018-12673 1 Sv3c 1 H.264 Poe Ip Camera Firmware 2019-01-11 5.0
An attacker with remote access to the SV3C HD Camera (L-SERIES V2.3.4.2103-S50-NTD-B20170508B and V2.3.4.2103-S50-NTD-B20170823B) web interface can disclose information about the camera including camera hardware, wireless network, and local area...
CVE-2018-12672 1 Sv3c 1 H.264 Poe Ip Camera Firmware 2019-01-11 3.5
The SV3C HD Camera (L-SERIES V2.3.4.2103-S50-NTD-B20170508B) does not perform proper validation on user-supplied input and is vulnerable to cross-site scripting attacks. If proper authorization was implemented, this vulnerability could be...
CVE-2018-12670 1 Sv3c 1 H.264 Poe Ip Camera Firmware 2019-01-09 10.0
SV3C L-SERIES HD CAMERA V2.3.4.2103-S50-NTD-B20170508B and V2.3.4.2103-S50-NTD-B20170823B devices allow OS Command Injection.
CVE-2018-12669 1 Sv3c 1 H.264 Poe Ip Camera Firmware 2019-01-09 6.5
SV3C L-SERIES HD CAMERA V2.3.4.2103-S50-NTD-B20170508B and V2.3.4.2103-S50-NTD-B20170823B devices allow remote authenticated users to reset arbitrary accounts via a request to web/cgi-bin/hi3510/param.cgi.