Ohcount 3.0.0 is prone to a command injection via specially crafted filenames containing shell metacharacters, which can be exploited by an attacker (providing a source tree for Ohcount processing). Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.
VCM5010 with software versions earlier before V100R002C50SPC100 has an authentication bypass vulnerability. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
Missing authentication for the remote configuration port 1236/tcp on the Cohu 3960HD allows an attacker to change configuration parameters such as IP address and username/password via specially. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
QNAP has already patched this vulnerability. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
Client-side enforcement using JavaScript of server-side security options on the Cohu 3960HD allows an attacker to manipulate options sent to the camera and cause malfunction or code execution, as. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
The webupgrade function on the Cohu 3960HD does not verify the firmware upgrade files or process, allowing an attacker to upload a specially crafted postinstall.sh file that will be executed with. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
The UMA product with software V200R001 has a privilege elevation vulnerability due to insufficient validation or improper processing of parameters. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
The UMA product with software V200R001 and V300R001 has a privilege elevation vulnerability due to insufficient validation or improper processing of parameters. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
The UMA product with software V200R001 and V300R001 has a privilege elevation vulnerability due to insufficient validation or improper processing of parameters. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
The UMA product with software V200R001 has a privilege elevation vulnerability due to insufficient validation or improper processing of parameters. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
The UMA product with software V200R001 has a privilege elevation vulnerability due to insufficient validation or improper processing of parameters. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
The UMA product with software V200R001 has a privilege elevation vulnerability due to insufficient validation or improper processing of parameters. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
The UMA product with software V200R001 and V300R001 has a privilege elevation vulnerability due to insufficient validation or improper processing of parameters. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
The UMA product with software V200R001 and V300R001 has a privilege elevation vulnerability due to insufficient validation or improper processing of parameters. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
The UMA product with software V200R001 and V300R001 has a privilege elevation vulnerability due to insufficient validation or improper processing of parameters. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.