VYPR

camera firmware

by MIPC

CVEs (3)

  • CVE-2024-39091HigAug 12, 2024
    risk 0.57cvss 8.8epss 0.02

    An OS command injection vulnerability in the ccm_debug component of MIPC Camera firmware prior to v5.4.1.240424171021 allows attackers within the same network to execute arbitrary code via a crafted HTML request.

  • CVE-2022-40784HigSep 26, 2022
    risk 0.57cvss 8.8epss 0.01

    Unlimited strcpy on user input when setting a locale file leads to stack buffer overflow in mIPC camera firmware 5.3.1.2003161406.

  • CVE-2022-40785HigSep 26, 2022
    risk 0.57cvss 8.8epss 0.02

    Unsanitized input when setting a locale file leads to shell injection in mIPC camera firmware 5.3.1.2003161406. This allows an attacker to gain remote code execution on cameras running the firmware when a victim logs into a specially crafted mobile app.