VYPR
Vendor

Airlive

Products
11
CVEs
7
Across products
20
Status
Private

Products

11

Recent CVEs

7
  • CVE-2014-8389CriDec 28, 2017
    risk 0.68cvss 9.8epss 0.50

    cgi-bin/mft/wireless_mft.cgi in AirLive BU-2015 with firmware 1.03.18 16.06.2014, AirLive BU-3026 with firmware 1.43 21.08.2014, AirLive MD-3025 with firmware 1.81 21.08.2014, AirLive WL-2000CAM with firmware LM.1.6.18 14.10.2011, and AirLive POE-200CAM v2 with firmware…

  • CVE-2015-2279CriJul 25, 2017
    risk 0.68cvss 9.8epss 0.18

    cgi_test.cgi in AirLive BU-2015 with firmware 1.03.18, BU-3026 with firmware 1.43, and MD-3025 with firmware 1.81 allows remote attackers to execute arbitrary OS commands via shell metacharacters after an "&" (ampersand) in the write_mac write_pid, write_msn, write_tan, or…

  • CVE-2013-3686Oct 11, 2013
    risk 0.05cvss epss 0.28

    cgi-bin/operator/param in AirLive WL2600CAM and possibly other camera models allows remote attackers to obtain the administrator password via a list action.

  • CVE-2013-3691Dec 11, 2019
    risk 0.04cvss epss 0.04

    AirLive POE-2600HD allows remote attackers to cause a denial of service (device reset) via a long URL.

  • CVE-2013-3541Oct 4, 2013
    risk 0.04cvss epss 0.09

    Directory traversal vulnerability in cgi-bin/admin/fileread in AirLive WL2600CAM and possibly other camera models allows remote attackers to read arbitrary files via a .. (dot dot) in the READ.filePath parameter.

  • CVE-2013-3687Oct 11, 2013
    risk 0.03cvss epss 0.03

    AirLive POE2600HD, POE250HD, POE200HD, OD-325HD, OD-2025HD, OD-2060HD, POE100HD, and possibly other camera models use cleartext to store sensitive information, which allows attackers to obtain passwords, user names, and other sensitive information by reading an unspecified…

  • CVE-2013-3540Oct 4, 2013
    risk 0.03cvss epss 0.01

    Cross-site request forgery (CSRF) vulnerability in cgi-bin/admin/usrgrp.cgi in AirLive POE2600HD, POE250HD, POE200HD, OD-325HD, OD-2025HD, OD-2060HD, POE100HD, and possibly other camera models allows remote attackers to hijack the authentication of administrators for requests…