uniview CVE 脆弱性と CVE 一覧(6)

製品(CPE): — CVE 件数: 6

uniview 脆弱性概要

uniview 関連製品全体の CVE とセキュリティ脆弱性情報を集約し、CVSS、EPSS、公開日、脆弱性情報データを掲載しています。

公開された問題は vendor risk cross-site scripting、バッファオーバーフロー, and vendor risk input validation に関連することが多く、vendor surface software deployment and vendor surface production workloads の文脈で vendor impact memory corruption and vendor impact unexpected behavior などの暴露リスクを伴う場合があります。

掲載データは公開脆弱性情報とセキュリティ公告に基づき、過去の暴露面と修補優先度の評価に利用できます。

脆弱性分布の推移(直近24か月)

表示中 16 / 6 CVE 件数
«« 先頭 « 前へ 1 / 1 次へ »
CVE 概要 ソース CVSS 最大値 EPSS(%) 公開 更新
CVE-2024-3850 Uniview NVR301-04S2-P4 is vulnerable to reflected cross-site scripting attack (XSS). An attacker could send a user a URL that if clicked on could execute malicious JavaScript in their browser. This vulnerability also requires authentication before it can be exploited, so the scope and severity is limited. Also, even if JavaScript is executed, no additional benefits are obtained. [email protected] 4.8 0.90% 2024-06-10 2026-06-17
CVE-2024-0778 ** UNSUPPORTED WHEN ASSIGNED ** A vulnerability, which was classified as critical, has been found in Uniview ISC 2500-S up to 20210930. Affected by this issue is the function setNatConfig of the file /Interface/DevManage/VM.php. The manipulation of the argument natAddress/natPort/natServerPort leads to os command injection. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-251696. NOTE: This vulnerability only affects products that are no l [email protected] 8.0 32.09% 2024-01-22 2026-06-17
CVE-2023-0773 The vulnerability exists in Uniview IP Camera due to identification and authentication failure at its web-based management interface. A remote attacker could exploit this vulnerability by sending specially crafted HTTP requests to the vulnerable device. Successful exploitation of this vulnerability could allow the attacker to gain complete control of the targeted device. [email protected] 9.1 1.17% 2023-09-19 2026-06-17
CVE-2021-45039 Multiple models of the Uniview IP Camera (e.g., IPC_G6103 B6103.16.10.B25.201218, IPC_G61, IPC21, IPC23, IPC32, IPC36, IPC62, and IPC_HCMN) offer an undocumented UDP service on port 7788 that allows a remote unauthenticated attacker to overflow an internal buffer and achieve code execution. By using this buffer overflow, a remote attacker can start the telnetd service. This service has a hardcoded default username and password (root/123456). Although it has a restrictive shell, this can be easil [email protected] 9.8 4.23% 2023-05-31 2026-06-17
CVE-2020-21452 An issue was discovered in uniview ISC2500-S. This is an upload vulnerability where an attacker can upload malicious code via /Interface/DevManage/EC.php?cmd=upload [email protected] 9.8 1.09% 2021-04-29 2026-06-16
CVE-2018-14923 A vulnerability in uniview EZPlayer 1.0.6 could allow an attacker to execute arbitrary code on a targeted system via video playback. [email protected] 7.8 1.41% 2018-08-03 2026-06-16
«« 先頭 « 前へ 1 / 1 次へ »
cvelogic Threat Intelligence