Dvr
CVEs (6)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2021-47945 | Hig | 0.51 | 7.8 | 0.00 | May 10, 2026 | Argus Surveillance DVR 4.0 contains an unquoted service path vulnerability in the DVRWatchdog service that allows local attackers to escalate privileges by exploiting the service binary path. Attackers can place a malicious executable in the Program Files directory to be… | ||
| CVE-2013-3586 | 0.04 | — | 0.12 | Aug 28, 2013 | Samsung Web Viewer for Samsung DVR devices allows remote attackers to bypass authentication via an arbitrary SessionID value in a cookie. | |||
| CVE-2023-47674 | 0.00 | — | 0.01 | Nov 16, 2023 | Missing authentication for critical function vulnerability in First Corporation's DVRs allows a remote unauthenticated attacker to rewrite or obtain the configuration information of the affected device. Note that updates are provided only for Late model of CFR-4EABC, CFR-4EAB,… | |||
| CVE-2023-3704 | 0.00 | — | 0.01 | Aug 24, 2023 | The vulnerability exists in CP-Plus DVR due to an improper input validation within the web-based management interface of the affected products. An unauthenticated remote attacker could exploit this vulnerability by sending specially crafted HTTP requests to the vulnerable… | |||
| CVE-2020-10514 | 0.00 | — | 0.02 | Apr 15, 2020 | iCatch DVR firmware before 20200103 do not validate function parameter properly, resulting attackers executing arbitrary command. | |||
| CVE-2020-10513 | 0.00 | — | 0.01 | Apr 15, 2020 | The file management interface of iCatch DVR firmware before 20200103 contains broken access control which allows the attacker to remotely manipulate arbitrary file. |
- risk 0.51cvss 7.8epss 0.00
Argus Surveillance DVR 4.0 contains an unquoted service path vulnerability in the DVRWatchdog service that allows local attackers to escalate privileges by exploiting the service binary path. Attackers can place a malicious executable in the Program Files directory to be…
- CVE-2013-3586Aug 28, 2013risk 0.04cvss —epss 0.12
Samsung Web Viewer for Samsung DVR devices allows remote attackers to bypass authentication via an arbitrary SessionID value in a cookie.
- CVE-2023-47674Nov 16, 2023risk 0.00cvss —epss 0.01
Missing authentication for critical function vulnerability in First Corporation's DVRs allows a remote unauthenticated attacker to rewrite or obtain the configuration information of the affected device. Note that updates are provided only for Late model of CFR-4EABC, CFR-4EAB,…
- CVE-2023-3704Aug 24, 2023risk 0.00cvss —epss 0.01
The vulnerability exists in CP-Plus DVR due to an improper input validation within the web-based management interface of the affected products. An unauthenticated remote attacker could exploit this vulnerability by sending specially crafted HTTP requests to the vulnerable…
- CVE-2020-10514Apr 15, 2020risk 0.00cvss —epss 0.02
iCatch DVR firmware before 20200103 do not validate function parameter properly, resulting attackers executing arbitrary command.
- CVE-2020-10513Apr 15, 2020risk 0.00cvss —epss 0.01
The file management interface of iCatch DVR firmware before 20200103 contains broken access control which allows the attacker to remotely manipulate arbitrary file.