- EPSS 57.51%
- Published 29.01.2020 18:15:11
- Last modified 21.11.2024 01:51:58
A Command Injection vulnerability exists in Zavio IP Cameras through 1.6.3 via the ap parameter to /cgi-bin/mft/wireless_mft.cgi, which could let a remote malicious user execute arbitrary code.
CVE-2013-2569
- EPSS 68.04%
- Published 29.01.2020 18:15:11
- Last modified 21.11.2024 01:51:58
A Security Bypass vulnerability exists in Zavio IP Cameras through 1.6.3 because the RTSP protocol authentication is disabled by default, which could let a malicious user obtain unauthorized access to the live video stream.
CVE-2013-2570
- EPSS 29.42%
- Published 29.01.2020 18:15:11
- Last modified 21.11.2024 01:51:58
A Command Injection vulnerability exists in Zavio IP Cameras through 1.6.3 in the General.Time.NTP.Server parameter to the sub_C8C8 function of the binary /opt/cgi/view/param, which could let a remove malicious user execute arbitrary code.
CVE-2013-2567
- EPSS 52.74%
- Published 29.01.2020 17:15:11
- Last modified 21.11.2024 01:51:57
An Authentication Bypass vulnerability exists in the web interface in Zavio IP Cameras through 1.6.03 due to a hardcoded admin account found in boa.conf, which lets a remote malicious user obtain sensitive information.