This page lists publicly disclosed CVE vulnerabilities affecting abus tvip_10550_firmware (linked via NVD CPE). Each row includes severity scores, summaries, and publication dates to help identify and analyze security issues.
| CVE | Summary | Source | Max CVSS | EPSS % | Published | Updated |
|---|---|---|---|---|---|---|
| CVE-2018-17879 | An issue was discovered on certain ABUS TVIP cameras. The CGI scripts allow remote attackers to execute code via system() as root. There are several injection points in various scripts. | [email protected] | 9.8 | 62.19% | 2023-10-26 | 2024-11-21 |
| CVE-2018-17878 | Buffer Overflow vulnerability in certain ABUS TVIP cameras allows attackers to gain control of the program via crafted string sent to sprintf() function. | [email protected] | 9.8 | 0.12% | 2023-10-26 | 2024-11-21 |
| CVE-2018-17559 | Due to incorrect access control, unauthenticated remote attackers can view the /video.mjpg video stream of certain ABUS TVIP cameras. | [email protected] | 7.5 | 0.18% | 2023-10-26 | 2024-11-21 |
| CVE-2018-17558 | Hardcoded manufacturer credentials and an OS command injection vulnerability in the /cgi-bin/mft/ directory on ABUS TVIP TVIP20050 LM.1.6.18, TVIP10051 LM.1.6.18, TVIP11050 MG.1.6.03.05, TVIP20550 LM.1.6.18, TVIP10050 LM.1.6.18, TVIP11550 MG.1.6.03, TVIP21050 MG.1.6.03, and TVIP51550 MG.1.6.03 cameras allow remote attackers to execute code as root. | [email protected] | 9.8 | 2.54% | 2023-10-26 | 2024-11-21 |
| CVE-2018-16739 | An issue was discovered on certain ABUS TVIP devices. Due to a path traversal in /opt/cgi/admin/filewrite, an attacker can write to files, and thus execute code arbitrarily with root privileges. | [email protected] | 8.8 | 0.24% | 2023-10-26 | 2024-11-21 |