cbcvebase.

Zavio F3105 Firmware vulnerabilities

4 known vulnerabilities affecting zavio/f3105_firmware.

Total CVEs
4
CISA KEV
0
Public exploits
4
Exploited in wild
0
Severity breakdown
CRITICAL2HIGH2

Vulnerabilities

Page 1 of 1
CVE-2013-2568P2CRITICALCVSS 9.8PoC≤ 1.6.032020-01-29
CVE-2013-2568 [CRITICAL] CWE-78 CVE-2013-2568: A Command Injection vulnerability exists in Zavio IP Cameras through 1.6.3 via the ap parameter to / A Command Injection vulnerability exists in Zavio IP Cameras through 1.6.3 via the ap parameter to /cgi-bin/mft/wireless_mft.cgi, which could let a remote malicious user execute arbitrary code.
nvd
CVE-2013-2570P2CRITICALCVSS 9.8PoC≤ 1.6.032020-01-29
CVE-2013-2570 [CRITICAL] CWE-78 CVE-2013-2570: A Command Injection vulnerability exists in Zavio IP Cameras through 1.6.3 in the General.Time.NTP.S A Command Injection vulnerability exists in Zavio IP Cameras through 1.6.3 in the General.Time.NTP.Server parameter to the sub_C8C8 function of the binary /opt/cgi/view/param, which could let a remove malicious user execute arbitrary code.
nvd
CVE-2013-2569P2HIGHCVSS 7.5PoC≤ 1.6.032020-01-29
CVE-2013-2569 [HIGH] CWE-287 CVE-2013-2569: A Security Bypass vulnerability exists in Zavio IP Cameras through 1.6.3 because the RTSP protocol a A Security Bypass vulnerability exists in Zavio IP Cameras through 1.6.3 because the RTSP protocol authentication is disabled by default, which could let a malicious user obtain unauthorized access to the live video stream.
nvd
CVE-2013-2567P2HIGHCVSS 7.5PoC≤ 1.6.032020-01-29
CVE-2013-2567 [HIGH] CWE-798 CVE-2013-2567: An Authentication Bypass vulnerability exists in the web interface in Zavio IP Cameras through 1.6.0 An Authentication Bypass vulnerability exists in the web interface in Zavio IP Cameras through 1.6.03 due to a hardcoded admin account found in boa.conf, which lets a remote malicious user obtain sensitive information.
nvd
Zavio F3105 Firmware vulnerabilities | cvebase