VYPR

Cipcamptiwl

by Conceptronic

CVEs (3)

  • CVE-2018-6408HigJan 30, 2018
    risk 0.57cvss 8.8epss 0.01

    An issue was discovered on Conceptronic CIPCAMPTIWL V3 0.61.30.21 devices. CSRF exists in hy-cgi/user.cgi, as demonstrated by changing an administrator password or adding a new administrator account.

  • CVE-2018-6407HigJan 30, 2018
    risk 0.51cvss 7.5epss 0.33

    An issue was discovered on Conceptronic CIPCAMPTIWL V3 0.61.30.21 devices. An unauthenticated attacker can crash a device by sending a POST request with a huge body size to /hy-cgi/devices.cgi?cmd=searchlandevice. The crash completely freezes the device.

  • CVE-2013-7204Jan 17, 2014
    risk 0.04cvss epss 0.11

    Cross-site request forgery (CSRF) vulnerability in set_users.cgi in Conceptronic CIPCAMPTIWL Camera 1.0 with firmware 21.37.2.49 allows remote attackers to hijack the authentication of administrators for requests that add arbitrary users.