Skip to main content

In Sight B120 37

3 CVEs product

Monthly

CVE-2015-2884 HIGH POC This Week

Philips In.Sight B120/37 allows remote attackers to obtain sensitive information via a direct request, related to yoics.net URLs, stream.m3u8 URIs, and cam_service_enable.cgi. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Information Disclosure In Sight B120 37
NVD
CVSS 3.0
7.5
EPSS
0.3%
CVE-2015-2883 MEDIUM This Month

Philips In.Sight B120/37 has XSS, related to the Weaved cloud web service, as demonstrated by the name parameter to deviceSettings.php or shareDevice.php. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

XSS PHP In Sight B120 37
NVD
CVSS 3.0
5.4
EPSS
0.2%
CVE-2015-2882 CRITICAL POC Act Now

Philips In.Sight B120/37 has a password of b120root for the backdoor root account, a password of /ADMIN/ for the backdoor admin account, a password of merlin for the backdoor mg3500 account, a. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Authentication Bypass In Sight B120 37
NVD
CVSS 3.0
9.8
EPSS
1.0%
EPSS 0% CVSS 7.5
HIGH POC This Week

Philips In.Sight B120/37 allows remote attackers to obtain sensitive information via a direct request, related to yoics.net URLs, stream.m3u8 URIs, and cam_service_enable.cgi. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Information Disclosure In Sight B120 37
NVD
EPSS 0% CVSS 5.4
MEDIUM This Month

Philips In.Sight B120/37 has XSS, related to the Weaved cloud web service, as demonstrated by the name parameter to deviceSettings.php or shareDevice.php. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

XSS PHP In Sight B120 37
NVD
EPSS 1% CVSS 9.8
CRITICAL POC Act Now

Philips In.Sight B120/37 has a password of b120root for the backdoor root account, a password of /ADMIN/ for the backdoor admin account, a password of merlin for the backdoor mg3500 account, a. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Authentication Bypass In Sight B120 37
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy