Vulnerabilities (CVE)

Filtered by vendor Avtech Subscribe
Total 6 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2019-13379 1 Avtech 2 Room Alert 3e, Room Alert 3e Firmware 2024-11-21 9.0 HIGH 8.8 HIGH
On AVTECH Room Alert 3E devices before 2.2.5, an attacker with access to the device's web interface may escalate privileges from an unauthenticated user to administrator by performing a cmd.cgi?action=ResetDefaults&src=RA reset and using the default credentials to get in.
CVE-2013-4982 1 Avtech 2 Avn801 Dvr, Avn801 Dvr Firmware 2024-11-21 7.5 HIGH 9.8 CRITICAL
AVTECH AVN801 DVR has a security bypass via the administration login captcha
CVE-2013-4981 1 Avtech 2 Avn801 Dvr, Avn801 Dvr Firmware 2024-11-21 9.0 HIGH N/A
Buffer overflow in cgi-bin/user/Config.cgi in AVTECH AVN801 DVR with firmware 1017-1003-1009-1003 and earlier, and possibly other devices, allows remote attackers to cause a denial of service (device crash) and possibly execute arbitrary code via a long string in the Network.SMTP.Receivers parameter.
CVE-2013-4980 1 Avtech 2 Avn801 Dvr, Avn801 Dvr Firmware 2024-11-21 9.0 HIGH N/A
Buffer overflow in the RTSP Packet Handler in AVTECH AVN801 DVR with firmware 1017-1003-1009-1003 and earlier, and possibly other devices, allows remote attackers to cause a denial of service (device crash) and possibly execute arbitrary code via a long string in the URI in an RTSP SETUP request.
CVE-2008-3939 1 Avtech 1 Pager Enterprise 2024-11-21 5.0 MEDIUM N/A
Directory traversal vulnerability in the web interface in AVTECH PageR Enterprise before 5.0.7 allows remote attackers to read arbitrary files via directory traversal sequences in the URI.
CVE-2024-7029 1 Avtech 2 Avm1203, Avm1203 Firmware 2024-09-17 N/A 9.8 CRITICAL
Commands can be injected over the network and executed without authentication.