cbcvebase.

Dw Megapix Firmware vulnerabilities

6 known vulnerabilities affecting dw/megapix_firmware.

Total CVEs
6
CISA KEV
0
Public exploits
0
Exploited in wild
1
Severity breakdown
HIGH5MEDIUM1

Vulnerabilities

Page 1 of 1
CVE-2022-34538P1HIGHCVSS 8.8Exploitedv4.2.0.328422022-07-19
CVE-2022-34538 [HIGH] CWE-78 CVE-2022-34538: Digital Watchdog DW MEGApix IP cameras A7.2.2_20211029 was discovered to contain a command injection Digital Watchdog DW MEGApix IP cameras A7.2.2_20211029 was discovered to contain a command injection vulnerability in the component /admin/vca/bia/addacph.cgi. This vulnerability is exploitable via a crafted POST request.
nvd
CVE-2022-34540P3HIGHCVSS 8.8v4.2.0.328422022-07-19
CVE-2022-34540 [HIGH] CWE-78 CVE-2022-34540: Digital Watchdog DW MEGApix IP cameras A7.2.2_20211029 was discovered to contain a command injection Digital Watchdog DW MEGApix IP cameras A7.2.2_20211029 was discovered to contain a command injection vulnerability in the component /admin/vca/license/license_tok.cgi. This vulnerability is exploitable via a crafted POST request.
nvd
CVE-2022-34539P3HIGHCVSS 8.8v4.2.0.328422022-07-19
CVE-2022-34539 [HIGH] CWE-78 CVE-2022-34539: Digital Watchdog DW MEGApix IP cameras A7.2.2_20211029 was discovered to contain a command injection Digital Watchdog DW MEGApix IP cameras A7.2.2_20211029 was discovered to contain a command injection vulnerability in the component /admin/curltest.cgi. This vulnerability is exploitable via a crafted POST request.
nvd
CVE-2022-34535P3HIGHCVSS 7.5v4.2.0.328422022-07-19
CVE-2022-34535 [HIGH] CWE-287 CVE-2022-34535: Digital Watchdog DW MEGApix IP cameras A7.2.2_20211029 allows unauthenticated attackers to view inte Digital Watchdog DW MEGApix IP cameras A7.2.2_20211029 allows unauthenticated attackers to view internal paths and scripts via web files.
nvd
CVE-2022-34536P3HIGHCVSS 7.5v4.2.0.328422022-07-19
CVE-2022-34536 [HIGH] CWE-384 CVE-2022-34536: Digital Watchdog DW MEGApix IP cameras A7.2.2_20211029 allows attackers to access the core log file Digital Watchdog DW MEGApix IP cameras A7.2.2_20211029 allows attackers to access the core log file and perform session hijacking via a crafted session token.
nvd
CVE-2022-34537P4MEDIUMCVSS 5.4v4.2.0.328422022-07-19
CVE-2022-34537 [MEDIUM] CWE-79 CVE-2022-34537: Digital Watchdog DW MEGApix IP cameras A7.2.2_20211029 was discovered to contain a cross-site script Digital Watchdog DW MEGApix IP cameras A7.2.2_20211029 was discovered to contain a cross-site scripting (XSS) vulnerability via the component bia_oneshot.cgi.
nvd
Dw Megapix Firmware vulnerabilities | cvebase