VYPR

Pt30x Ndi

by Ptzoptics

CVEs (2)

  • CVE-2024-8956KEVSep 17, 2024
    risk 0.19cvss epss 0.61

    PTZOptics PT30X-SDI/NDI-xx before firmware 6.3.40 is vulnerable to an insufficient authentication issue. The camera does not properly enforce authentication to /cgi-bin/param.cgi when requests are sent without an HTTP Authorization header. The result is a remote and…

  • CVE-2024-8957KEVSep 17, 2024
    risk 0.16cvss epss 0.82

    PTZOptics PT30X-SDI/NDI-xx before firmware 6.3.40 is vulnerable to an OS command injection issue. The camera does not sufficiently validate the ntp_addr configuration value which may lead to arbitrary command execution when ntp_client is started. When chained with CVE-2024-8956,…