Swannsecurity
Products
5- 2 CVEs
- 2 CVEs
- 1 CVE
- 1 CVE
- 1 CVE
Recent CVEs
6| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2013-7487 | Cri | 0.64 | 9.8 | 0.03 | Mar 21, 2020 | On Swann DVR04B, DVR08B, DVR-16CIF, and DVR16B devices, raysharpdvr application has a vulnerable call to “system”, which allows remote attackers to execute arbitrary code via TCP port 9000. | ||
| CVE-2018-20955 | Cri | 0.64 | 9.8 | 0.02 | Aug 8, 2019 | Swann SWWHD-INTCAM-HD devices have the twipc root password, leading to FTP access as root. NOTE: all affected customers were migrated by 2020-08-31. | ||
| CVE-2018-20956 | Med | 0.36 | 5.5 | 0.00 | Aug 8, 2019 | Swann SWWHD-INTCAM-HD devices leave the PSK in logs after a factory reset. NOTE: all affected customers were migrated by 2020-08-31. | ||
| CVE-2015-8287 | Med | 0.35 | 5.3 | 0.01 | Feb 18, 2016 | Swann SRNVW-470LCD devices with firmware through 0114 and SWNVW-470CAM devices with firmware through 1022 allow remote attackers to watch live video by visiting an unspecified URL. | ||
| CVE-2009-0640 | 0.03 | — | 0.03 | Feb 20, 2009 | Directory traversal vulnerability in the administrative web server in Swann DVR4-SecuraNet allows remote attackers to read arbitrary files via a .. (dot dot) in the URI, as demonstrated by reading the vy_netman.cfg file that contains passwords. | |||
| CVE-2009-0644 | 0.00 | — | 0.01 | Feb 18, 2009 | The HTTP interface in Swann DVR4-SecuraNet has a certain default administrative username and password, which makes it easier for remote attackers to obtain privileged access. |
- risk 0.64cvss 9.8epss 0.03
On Swann DVR04B, DVR08B, DVR-16CIF, and DVR16B devices, raysharpdvr application has a vulnerable call to “system”, which allows remote attackers to execute arbitrary code via TCP port 9000.
- risk 0.64cvss 9.8epss 0.02
Swann SWWHD-INTCAM-HD devices have the twipc root password, leading to FTP access as root. NOTE: all affected customers were migrated by 2020-08-31.
- risk 0.36cvss 5.5epss 0.00
Swann SWWHD-INTCAM-HD devices leave the PSK in logs after a factory reset. NOTE: all affected customers were migrated by 2020-08-31.
- risk 0.35cvss 5.3epss 0.01
Swann SRNVW-470LCD devices with firmware through 0114 and SWNVW-470CAM devices with firmware through 1022 allow remote attackers to watch live video by visiting an unspecified URL.
- CVE-2009-0640Feb 20, 2009risk 0.03cvss —epss 0.03
Directory traversal vulnerability in the administrative web server in Swann DVR4-SecuraNet allows remote attackers to read arbitrary files via a .. (dot dot) in the URI, as demonstrated by reading the vy_netman.cfg file that contains passwords.
- CVE-2009-0644Feb 18, 2009risk 0.00cvss —epss 0.01
The HTTP interface in Swann DVR4-SecuraNet has a certain default administrative username and password, which makes it easier for remote attackers to obtain privileged access.