Vulnerabilities (CVE)

Filtered by vendor Abus Subscribe
Filtered by product Tvip 10001
Total 5 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2018-17879 1 Abus 94 Tvip 10000, Tvip 10000 Firmware, Tvip 10001 and 91 more 2024-11-21 N/A 9.8 CRITICAL
An issue was discovered on certain ABUS TVIP cameras. The CGI scripts allow remote attackers to execute code via system() as root. There are several injection points in various scripts.
CVE-2018-17878 1 Abus 94 Tvip 10000, Tvip 10000 Firmware, Tvip 10001 and 91 more 2024-11-21 N/A 9.8 CRITICAL
Buffer Overflow vulnerability in certain ABUS TVIP cameras allows attackers to gain control of the program via crafted string sent to sprintf() function.
CVE-2018-17559 1 Abus 94 Tvip 10000, Tvip 10000 Firmware, Tvip 10001 and 91 more 2024-11-21 N/A 7.5 HIGH
Due to incorrect access control, unauthenticated remote attackers can view the /video.mjpg video stream of certain ABUS TVIP cameras.
CVE-2018-17558 1 Abus 94 Tvip 10000, Tvip 10000 Firmware, Tvip 10001 and 91 more 2024-11-21 N/A 9.8 CRITICAL
Hardcoded manufacturer credentials and an OS command injection vulnerability in the /cgi-bin/mft/ directory on ABUS TVIP TVIP20050 LM.1.6.18, TVIP10051 LM.1.6.18, TVIP11050 MG.1.6.03.05, TVIP20550 LM.1.6.18, TVIP10050 LM.1.6.18, TVIP11550 MG.1.6.03, TVIP21050 MG.1.6.03, and TVIP51550 MG.1.6.03 cameras allow remote attackers to execute code as root.
CVE-2018-16739 1 Abus 94 Tvip 10000, Tvip 10000 Firmware, Tvip 10001 and 91 more 2024-11-21 N/A 8.8 HIGH
An issue was discovered on certain ABUS TVIP devices. Due to a path traversal in /opt/cgi/admin/filewrite, an attacker can write to files, and thus execute code arbitrarily with root privileges.