Vacron
Products
1- 6 CVEs
Recent CVEs
6| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2025-1338 | Hig | 0.48 | 7.3 | 0.52 | Feb 16, 2025 | A vulnerability was found in NUUO Camera up to 20250203. It has been declared as critical. This vulnerability affects the function print_file of the file /handle_config.php. The manipulation of the argument log leads to command injection. The attack can be initiated remotely.… | ||
| CVE-2025-8613 | Hig | 0.47 | 7.2 | 0.01 | Sep 2, 2025 | Vacron Camera ping Command Injection Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Vacron Camera devices. Authentication is required to exploit this vulnerability. The specific flaw exists… | ||
| CVE-2024-57272 | Med | 0.40 | 6.1 | 0.00 | Jan 27, 2025 | SecuSTATION Camera V2.5.5.3116-S50-SMA-B20160811A and lower is vulnerable to Cross Site Scripting (XSS). | ||
| CVE-2021-33550 | 0.10 | — | 0.56 | Sep 13, 2021 | Multiple camera devices by UDP Technology, Geutebrück and other vendors are vulnerable to command injection, which may allow an attacker to remotely execute arbitrary code. | |||
| CVE-2023-5037 | 0.00 | — | 0.02 | Nov 13, 2023 | badmonkey, a Security Researcher has found a flaw that allows for a authenticated command injection on the camera. An attacker could inject malicious into request packets to execute command. The manufacturer has released patch firmware for the flaw, please refer to the… | |||
| CVE-2022-30620 | 0.00 | — | 0.00 | Jul 18, 2022 | On Cellinx Camera with guest enabled, attacker with web access can elevate privileges to administrative: "1" to "0" privileges by changing the following cookie values from "is_admin", "showConfig". Administrative Privileges which allows changing various configuration in the… |
- risk 0.48cvss 7.3epss 0.52
A vulnerability was found in NUUO Camera up to 20250203. It has been declared as critical. This vulnerability affects the function print_file of the file /handle_config.php. The manipulation of the argument log leads to command injection. The attack can be initiated remotely.…
- risk 0.47cvss 7.2epss 0.01
Vacron Camera ping Command Injection Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Vacron Camera devices. Authentication is required to exploit this vulnerability. The specific flaw exists…
- risk 0.40cvss 6.1epss 0.00
SecuSTATION Camera V2.5.5.3116-S50-SMA-B20160811A and lower is vulnerable to Cross Site Scripting (XSS).
- CVE-2021-33550Sep 13, 2021risk 0.10cvss —epss 0.56
Multiple camera devices by UDP Technology, Geutebrück and other vendors are vulnerable to command injection, which may allow an attacker to remotely execute arbitrary code.
- CVE-2023-5037Nov 13, 2023risk 0.00cvss —epss 0.02
badmonkey, a Security Researcher has found a flaw that allows for a authenticated command injection on the camera. An attacker could inject malicious into request packets to execute command. The manufacturer has released patch firmware for the flaw, please refer to the…
- CVE-2022-30620Jul 18, 2022risk 0.00cvss —epss 0.00
On Cellinx Camera with guest enabled, attacker with web access can elevate privileges to administrative: "1" to "0" privileges by changing the following cookie values from "is_admin", "showConfig". Administrative Privileges which allows changing various configuration in the…