VYPR

IP Cameras

by Zavio

CVEs (8)

  • CVE-2013-2568CriJan 29, 2020
    risk 0.71cvss 9.8epss 0.49

    A Command Injection vulnerability exists in Zavio IP Cameras through 1.6.3 via the ap parameter to /cgi-bin/mft/wireless_mft.cgi, which could let a remote malicious user execute arbitrary code.

  • CVE-2013-2570CriJan 29, 2020
    risk 0.69cvss 9.8epss 0.27

    A Command Injection vulnerability exists in Zavio IP Cameras through 1.6.3 in the General.Time.NTP.Server parameter to the sub_C8C8 function of the binary /opt/cgi/view/param, which could let a remove malicious user execute arbitrary code.

  • CVE-2023-3959CriNov 8, 2023
    risk 0.67cvss 9.8epss 0.40

    Zavio CF7500, CF7300, CF7201, CF7501, CB3211, CB3212, CB5220, CB6231, B8520, B8220, and CD321 IP Cameras with firmware version M2.1.6.05 are vulnerable to multiple instances of stack-based overflows. While processing XML elements from incoming network requests, the product…

  • CVE-2023-45225CriNov 8, 2023
    risk 0.64cvss 9.8epss 0.01

    Zavio CF7500, CF7300, CF7201, CF7501, CB3211, CB3212, CB5220, CB6231, B8520, B8220, and CD321 IP Cameras  with firmware version M2.1.6.05 are vulnerable to multiple instances of stack-based overflows. While parsing certain XML elements from incoming network requests, the…

  • CVE-2023-43755CriNov 8, 2023
    risk 0.64cvss 9.8epss 0.01

    Zavio CF7500, CF7300, CF7201, CF7501, CB3211, CB3212, CB5220, CB6231, B8520, B8220, and CD321 IP Cameras with firmware version M2.1.6.05 are vulnerable to multiple instances of stack-based overflows. During the processing and parsing of certain fields in XML elements from…

  • CVE-2023-4249HigNov 8, 2023
    risk 0.58cvss 8.8epss 0.10

    Zavio CF7500, CF7300, CF7201, CF7501, CB3211, CB3212, CB5220, CB6231, B8520, B8220, and CD321 IP Cameras with firmware version M2.1.6.05 has a command injection vulnerability in their implementation of their binaries and handling of network requests.

  • CVE-2013-2569HigJan 29, 2020
    risk 0.54cvss 7.5epss 0.31

    A Security Bypass vulnerability exists in Zavio IP Cameras through 1.6.3 because the RTSP protocol authentication is disabled by default, which could let a malicious user obtain unauthorized access to the live video stream.

  • CVE-2013-2567HigJan 29, 2020
    risk 0.53cvss 7.5epss 0.15

    An Authentication Bypass vulnerability exists in the web interface in Zavio IP Cameras through 1.6.03 due to a hardcoded admin account found in boa.conf, which lets a remote malicious user obtain sensitive information.