VYPR
Vendor

KERUI

Products
5
CVEs
5
Across products
6
Status
Private

Products

5

Recent CVEs

5
  • CVE-2018-13114CriOct 22, 2018
    risk 0.64cvss 9.8epss 0.02

    Missing authentication and improper input validation in KERUI Wifi Endoscope Camera (YPC99) allow an attacker to execute arbitrary commands (with a length limit of 19 characters) via the "ssid" value, as demonstrated by ssid:;ping 192.168.1.2 in the body of a SETSSID command.

  • CVE-2024-48214HigOct 30, 2024
    risk 0.55cvss 8.4epss 0.01

    KERUI HD 3MP 1080P Tuya Camera 1.0.4 has a command injection vulnerability in the module that connects to the local network via a QR code. This vulnerability allows an attacker to create a custom, unauthenticated QR code and abuse one of the parameters, either SSID or PASSWORD,…

  • CVE-2023-31759HigMay 24, 2023
    risk 0.49cvss 7.5epss 0.00

    Weak Security in the 433MHz keyfob of Kerui W18 Alarm System v1.0 allows attackers to gain full access via a code replay attack.

  • CVE-2018-13115MedOct 22, 2018
    risk 0.42cvss 6.5epss 0.01

    Lack of an authentication mechanism in KERUI Wifi Endoscope Camera (YPC99) allows an attacker to watch or block the camera stream. The RTSP server on port 7070 accepts the command STOP to stop streaming, and the command SETSSID to disconnect a user.

  • CVE-2025-63296Nov 10, 2025
    risk 0.00cvss epss 0.00

    KERUI K259 5MP Wi-Fi / Tuya Smart Security Camera firmware v33.53.87 contains a code execution vulnerability in its boot/update logic: during startup /usr/sbin/anyka_service.sh scans mounted TF/SD cards and, if /mnt/update.nor.sh is present, copies it to /tmp/net.sh and executes…