Total
3 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2013-7204 | 1 Conceptronic | 2 Cipcamptiwl, Cipcamptiwl 1.0 Firmware | 2018-10-09 | 6.8 MEDIUM | N/A |
Cross-site request forgery (CSRF) vulnerability in set_users.cgi in Conceptronic CIPCAMPTIWL Camera 1.0 with firmware 21.37.2.49 allows remote attackers to hijack the authentication of administrators for requests that add arbitrary users. | |||||
CVE-2018-6407 | 1 Conceptronic | 3 Cipcamptiwl, Cipcamptiwl Firmware, Cipcamptiwl Web Firmware | 2018-02-27 | 7.8 HIGH | 7.5 HIGH |
An issue was discovered on Conceptronic CIPCAMPTIWL V3 0.61.30.21 devices. An unauthenticated attacker can crash a device by sending a POST request with a huge body size to /hy-cgi/devices.cgi?cmd=searchlandevice. The crash completely freezes the device. | |||||
CVE-2018-6408 | 1 Conceptronic | 3 Cipcamptiwl, Cipcamptiwl Firmware, Cipcamptiwl Web Firmware | 2018-02-27 | 6.8 MEDIUM | 8.8 HIGH |
An issue was discovered on Conceptronic CIPCAMPTIWL V3 0.61.30.21 devices. CSRF exists in hy-cgi/user.cgi, as demonstrated by changing an administrator password or adding a new administrator account. |