Total
5 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2016-2356 | 1 Milesight | 2 Ip Security Camera, Ip Security Camera Firmware | 2023-12-10 | 7.5 HIGH | 9.8 CRITICAL |
| Milesight IP security cameras through 2016-11-14 have a buffer overflow in a web application via a long username or password. | |||||
| CVE-2016-2360 | 1 Milesight | 2 Ip Security Camera, Ip Security Camera Firmware | 2023-12-10 | 5.0 MEDIUM | 9.8 CRITICAL |
| Milesight IP security cameras through 2016-11-14 have a default root password in /etc/shadow that is the same across different customers' installations. | |||||
| CVE-2016-2359 | 1 Milesight | 2 Ip Security Camera, Ip Security Camera Firmware | 2023-12-10 | 7.5 HIGH | 9.8 CRITICAL |
| Milesight IP security cameras through 2016-11-14 allow remote attackers to bypass authentication and access a protected resource by simultaneously making a request for the unprotected vb.htm resource. | |||||
| CVE-2016-2357 | 1 Milesight | 2 Ip Security Camera, Ip Security Camera Firmware | 2023-12-10 | 5.0 MEDIUM | 9.8 CRITICAL |
| Milesight IP security cameras through 2016-11-14 have a hardcoded SSL private key under the /etc/config directory. | |||||
| CVE-2016-2358 | 1 Milesight | 2 Ip Security Camera, Ip Security Camera Firmware | 2023-12-10 | 5.0 MEDIUM | 9.8 CRITICAL |
| Milesight IP security cameras through 2016-11-14 have a default set of 10 privileged accounts with hardcoded credentials. They are accessible if the customer has not configured 10 actual user accounts. | |||||