Skip to main content

Smart Viewer

3 CVEs product

Monthly

CVE-2014-9266 MEDIUM This Month

The STWConfig ActiveX control in Samsung SmartViewer does not properly initialize a variable, which allows remote attackers to execute arbitrary code via unspecified vectors. Rated medium severity (CVSS 6.8), this vulnerability is remotely exploitable. No vendor patch available.

RCE Samsung Code Injection Smart Viewer
NVD
CVSS 2.0
6.8
EPSS
2.0%
CVE-2013-3586 HIGH POC This Week

Samsung Web Viewer for Samsung DVR devices allows remote attackers to bypass authentication via an arbitrary SessionID value in a cookie. Rated high severity (CVSS 7.6), this vulnerability is remotely exploitable. Public exploit code available and no vendor patch available.

Samsung Authentication Bypass Smart Viewer Dvr
NVD Exploit-DB
CVSS 2.0
7.6
EPSS
7.8%
CVE-2013-3585 MEDIUM POC THREAT This Month

Samsung Web Viewer for Samsung DVR devices stores credentials in cleartext, which allows context-dependent attackers to obtain sensitive information via vectors involving (1) direct access to a file. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and EPSS exploitation probability 11.3%.

Samsung Authentication Bypass Smart Viewer
NVD Exploit-DB
CVSS 2.0
5.0
EPSS
11.3%
EPSS 2% CVSS 6.8
MEDIUM This Month

The STWConfig ActiveX control in Samsung SmartViewer does not properly initialize a variable, which allows remote attackers to execute arbitrary code via unspecified vectors. Rated medium severity (CVSS 6.8), this vulnerability is remotely exploitable. No vendor patch available.

RCE Samsung Code Injection +1
NVD
EPSS 8% CVSS 7.6
HIGH POC This Week

Samsung Web Viewer for Samsung DVR devices allows remote attackers to bypass authentication via an arbitrary SessionID value in a cookie. Rated high severity (CVSS 7.6), this vulnerability is remotely exploitable. Public exploit code available and no vendor patch available.

Samsung Authentication Bypass Smart Viewer +1
NVD Exploit-DB
EPSS 11% CVSS 5.0
MEDIUM POC THREAT This Month

Samsung Web Viewer for Samsung DVR devices stores credentials in cleartext, which allows context-dependent attackers to obtain sensitive information via vectors involving (1) direct access to a file. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and EPSS exploitation probability 11.3%.

Samsung Authentication Bypass Smart Viewer
NVD Exploit-DB

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy