In Sight B120 37
Monthly
Philips In.Sight B120/37 allows remote attackers to obtain sensitive information via a direct request, related to yoics.net URLs, stream.m3u8 URIs, and cam_service_enable.cgi. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.
Philips In.Sight B120/37 has XSS, related to the Weaved cloud web service, as demonstrated by the name parameter to deviceSettings.php or shareDevice.php. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.
Philips In.Sight B120/37 has a password of b120root for the backdoor root account, a password of /ADMIN/ for the backdoor admin account, a password of merlin for the backdoor mg3500 account, a. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.
Philips In.Sight B120/37 allows remote attackers to obtain sensitive information via a direct request, related to yoics.net URLs, stream.m3u8 URIs, and cam_service_enable.cgi. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.
Philips In.Sight B120/37 has XSS, related to the Weaved cloud web service, as demonstrated by the name parameter to deviceSettings.php or shareDevice.php. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.
Philips In.Sight B120/37 has a password of b120root for the backdoor root account, a password of /ADMIN/ for the backdoor admin account, a password of merlin for the backdoor mg3500 account, a. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.