androvideo CVE 脆弱性と CVE 一覧（5）

製品（CPE）: — CVE 件数: 5

androvideo 脆弱性概要

androvideo 関連製品全体の CVE とセキュリティ脆弱性情報を集約し、CVSS、EPSS、公開日、脆弱性情報データを掲載しています。

公開された問題はパス処理の欠陥 and vendor risk cross-site scripting に関連することが多く、vendor surface software deployment and vendor surface production workloads の文脈でファイル上書き and vendor impact session compromise などの暴露リスクを伴う場合があります。

掲載データは公開脆弱性情報とセキュリティ公告に基づき、過去の暴露面と修補優先度の評価に利用できます。

脆弱性分布の推移（直近24か月）

CVE	概要	ソース	CVSS 最大値	EPSS（%）	公開	更新
CVE-2019-13408	A relative path traversal vulnerability found in Advan VD-1 firmware versions up to 230. It allows attackers to download arbitrary files via url cgibin/ExportSettings.cgi?Download=filepath, without any authentication.	[email protected]	7.5	1.91%	2019-08-29	2024-11-21
CVE-2019-13407	A XSS found in Advan VD-1 firmware versions up to 230. VD-1 responses a path error message when a requested resource was not found in page cgibin/ssi.cgi. It leads to a reflected XSS because the error message does not escape properly.	[email protected]	6.1	1.05%	2019-08-29	2024-11-21
CVE-2019-13406	A broken access control vulnerability found in Advan VD-1 firmware versions up to 230. An attacker can send a POST request to cgibin/ApkUpload.cgi to install arbitrary APK without any authentication.	[email protected]	7.5	1.57%	2019-08-29	2024-11-21
CVE-2019-13405	A broken access control vulnerability found in Advan VD-1 firmware version 230 leads to insecure ADB service. An attacker can send a POST request to cgibin/AdbSetting.cgi to enable ADB without any authentication then take the compromised device as a relay or to install mining software.	[email protected]	9.8	2.93%	2019-08-29	2024-11-21
CVE-2019-11064	A vulnerability of remote credential disclosure was discovered in Advan VD-1 firmware versions up to 230. An attacker can export system configuration which is not encrypted to get the administrator’s account and password in plain text via cgibin/ExportSettings.cgi?Export=1 without any authentication.	[email protected]	9.8	1.94%	2019-08-29	2024-11-21

cvelogic Threat Intelligence