Show filters
92 Total Results
Displaying 1-10 of 92
Sort by:
Attacker Value
Unknown
CVE-2021-40150
Disclosure Date: July 17, 2022 (last updated October 07, 2023)
The web server of the E1 Zoom camera through 3.0.0.716 discloses its configuration via the /conf/ directory that is mapped to a publicly accessible path. In this way an attacker can download the entire NGINX/FastCGI configurations by querying the /conf/nginx.conf or /conf/fastcgi.conf URI.
0
Attacker Value
Unknown
CVE-2021-40149
Disclosure Date: July 17, 2022 (last updated October 07, 2023)
The web server of the E1 Zoom camera through 3.0.0.716 discloses its SSL private key via the root web server directory. In this way an attacker can download the entire key via the /self.key URI.
0
Attacker Value
Unknown
CVE-2021-44419
Disclosure Date: January 28, 2022 (last updated October 07, 2023)
A denial of service vulnerability exists in the cgiserver.cgi JSON command parser functionality of reolink RLC-410W v3.0.0.136_20121102. A specially-crafted HTTP request can lead to a reboot. GetMdAlarm param is not object. An attacker can send an HTTP request to trigger this vulnerability.
0
Attacker Value
Unknown
CVE-2021-44418
Disclosure Date: January 28, 2022 (last updated October 07, 2023)
A denial of service vulnerability exists in the cgiserver.cgi JSON command parser functionality of reolink RLC-410W v3.0.0.136_20121102. A specially-crafted HTTP request can lead to a reboot. GetMdState param is not object. An attacker can send an HTTP request to trigger this vulnerability.
0
Attacker Value
Unknown
CVE-2021-44417
Disclosure Date: January 28, 2022 (last updated October 07, 2023)
A denial of service vulnerability exists in the cgiserver.cgi JSON command parser functionality of reolink RLC-410W v3.0.0.136_20121102. A specially-crafted HTTP request can lead to a reboot. GetAlarm param is not object. An attacker can send an HTTP request to trigger this vulnerability.
0
Attacker Value
Unknown
CVE-2021-44416
Disclosure Date: January 28, 2022 (last updated October 07, 2023)
A denial of service vulnerability exists in the cgiserver.cgi JSON command parser functionality of reolink RLC-410W v3.0.0.136_20121102. A specially-crafted HTTP request can lead to a reboot. Disconnect param is not object. An attacker can send an HTTP request to trigger this vulnerability.
0
Attacker Value
Unknown
CVE-2021-44415
Disclosure Date: January 28, 2022 (last updated October 07, 2023)
A denial of service vulnerability exists in the cgiserver.cgi JSON command parser functionality of reolink RLC-410W v3.0.0.136_20121102. A specially-crafted HTTP request can lead to a reboot. ModifyUser param is not object. An attacker can send an HTTP request to trigger this vulnerability.
0
Attacker Value
Unknown
CVE-2021-44414
Disclosure Date: January 28, 2022 (last updated October 07, 2023)
A denial of service vulnerability exists in the cgiserver.cgi JSON command parser functionality of reolink RLC-410W v3.0.0.136_20121102. A specially-crafted HTTP request can lead to a reboot. DelUser param is not object. An attacker can send an HTTP request to trigger this vulnerability.
0
Attacker Value
Unknown
CVE-2021-44413
Disclosure Date: January 28, 2022 (last updated October 07, 2023)
A denial of service vulnerability exists in the cgiserver.cgi JSON command parser functionality of reolink RLC-410W v3.0.0.136_20121102. A specially-crafted HTTP request can lead to a reboot. AddUser param is not object. An attacker can send an HTTP request to trigger this vulnerability.
0
Attacker Value
Unknown
CVE-2021-44412
Disclosure Date: January 28, 2022 (last updated October 07, 2023)
A denial of service vulnerability exists in the cgiserver.cgi JSON command parser functionality of reolink RLC-410W v3.0.0.136_20121102. A specially-crafted HTTP request can lead to a reboot. GetRec param is not object. An attacker can send an HTTP request to trigger this vulnerability.
0
