Skip to main content

Nextgen Dvr Firmware

4 CVEs product

Monthly

CVE-2020-11682 MEDIUM This Month

Castel NextGen DVR v1.0.0 is vulnerable to CSRF in all state-changing request. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

CSRF Nextgen Dvr Firmware
NVD
CVSS 3.1
6.5
EPSS
0.6%
CVE-2020-11681 HIGH This Week

Castel NextGen DVR v1.0.0 stores and displays credentials for the associated SMTP server in cleartext. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Information Disclosure Nextgen Dvr Firmware
NVD
CVSS 3.1
8.1
EPSS
1.1%
CVE-2020-11680 MEDIUM This Month

Castel NextGen DVR v1.0.0 is vulnerable to authorization bypass on all administrator functionality. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Authentication Bypass Nextgen Dvr Firmware
NVD
CVSS 3.1
6.5
EPSS
1.2%
CVE-2020-11679 HIGH POC This Week

Castel NextGen DVR v1.0.0 is vulnerable to privilege escalation through the Adminstrator/Users/Edit/:UserId functionality. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Privilege Escalation Authentication Bypass Nextgen Dvr Firmware
NVD
CVSS 3.1
8.8
EPSS
2.0%
EPSS 1% CVSS 6.5
MEDIUM This Month

Castel NextGen DVR v1.0.0 is vulnerable to CSRF in all state-changing request. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

CSRF Nextgen Dvr Firmware
NVD
EPSS 1% CVSS 8.1
HIGH This Week

Castel NextGen DVR v1.0.0 stores and displays credentials for the associated SMTP server in cleartext. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Information Disclosure Nextgen Dvr Firmware
NVD
EPSS 1% CVSS 6.5
MEDIUM This Month

Castel NextGen DVR v1.0.0 is vulnerable to authorization bypass on all administrator functionality. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Authentication Bypass Nextgen Dvr Firmware
NVD
EPSS 2% CVSS 8.8
HIGH POC This Week

Castel NextGen DVR v1.0.0 is vulnerable to privilege escalation through the Adminstrator/Users/Edit/:UserId functionality. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Privilege Escalation Authentication Bypass Nextgen Dvr Firmware
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy