CVE-2018-16739
- EPSS 0.24%
- Published 26.10.2023 22:15:08
- Last modified 21.11.2024 03:53:16
An issue was discovered on certain ABUS TVIP devices. Due to a path traversal in /opt/cgi/admin/filewrite, an attacker can write to files, and thus execute code arbitrarily with root privileges.
CVE-2018-17558
- EPSS 2.54%
- Published 26.10.2023 22:15:08
- Last modified 21.11.2024 03:54:35
Hardcoded manufacturer credentials and an OS command injection vulnerability in the /cgi-bin/mft/ directory on ABUS TVIP TVIP20050 LM.1.6.18, TVIP10051 LM.1.6.18, TVIP11050 MG.1.6.03.05, TVIP20550 LM.1.6.18, TVIP10050 LM.1.6.18, TVIP11550 MG.1.6.03, ...
CVE-2018-17559
- EPSS 0.18%
- Published 26.10.2023 22:15:08
- Last modified 21.11.2024 03:54:36
Due to incorrect access control, unauthenticated remote attackers can view the /video.mjpg video stream of certain ABUS TVIP cameras.
CVE-2018-17878
- EPSS 0.12%
- Published 26.10.2023 22:15:08
- Last modified 21.11.2024 03:55:07
Buffer Overflow vulnerability in certain ABUS TVIP cameras allows attackers to gain control of the program via crafted string sent to sprintf() function.
CVE-2018-17879
- EPSS 2.14%
- Published 26.10.2023 22:15:08
- Last modified 21.11.2024 03:55:07
An issue was discovered on certain ABUS TVIP cameras. The CGI scripts allow remote attackers to execute code via system() as root. There are several injection points in various scripts.