Web Viewer
CVEs (5)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2015-8279 | Hig | 0.63 | 8.6 | 0.51 | Jan 15, 2016 | Web Viewer 1.0.0.193 on Samsung SRN-1670D devices allows remote attackers to read arbitrary files via a request to an unspecified PHP script. | ||
| CVE-2015-8281 | Hig | 0.49 | 7.5 | 0.04 | Jan 15, 2016 | Web Viewer 1.0.0.193 on Samsung SRN-1670D devices allows attackers to bypass filesystem encryption via XOR calculations. | ||
| CVE-2015-8280 | Hig | 0.49 | 7.5 | 0.06 | Jan 15, 2016 | Web Viewer 1.0.0.193 on Samsung SRN-1670D devices allows remote attackers to discover credentials by reading detailed error messages. | ||
| CVE-2013-3585 | 0.05 | — | 0.24 | Aug 28, 2013 | Samsung Web Viewer for Samsung DVR devices stores credentials in cleartext, which allows context-dependent attackers to obtain sensitive information via vectors involving (1) direct access to a file or (2) the user-setup web page. | |||
| CVE-2013-3586 | 0.04 | — | 0.12 | Aug 28, 2013 | Samsung Web Viewer for Samsung DVR devices allows remote attackers to bypass authentication via an arbitrary SessionID value in a cookie. |
- risk 0.63cvss 8.6epss 0.51
Web Viewer 1.0.0.193 on Samsung SRN-1670D devices allows remote attackers to read arbitrary files via a request to an unspecified PHP script.
- risk 0.49cvss 7.5epss 0.04
Web Viewer 1.0.0.193 on Samsung SRN-1670D devices allows attackers to bypass filesystem encryption via XOR calculations.
- risk 0.49cvss 7.5epss 0.06
Web Viewer 1.0.0.193 on Samsung SRN-1670D devices allows remote attackers to discover credentials by reading detailed error messages.
- CVE-2013-3585Aug 28, 2013risk 0.05cvss —epss 0.24
Samsung Web Viewer for Samsung DVR devices stores credentials in cleartext, which allows context-dependent attackers to obtain sensitive information via vectors involving (1) direct access to a file or (2) the user-setup web page.
- CVE-2013-3586Aug 28, 2013risk 0.04cvss —epss 0.12
Samsung Web Viewer for Samsung DVR devices allows remote attackers to bypass authentication via an arbitrary SessionID value in a cookie.