Skip to main content

Smartviewer

4 CVEs product

Monthly

CVE-2018-11689 MEDIUM POC This Month

Web Viewer for Hanwha DVR 2.17 and Smart Viewer in Samsung Web Viewer for Samsung DVR are vulnerable to XSS via the /cgi-bin/webviewer_login_page data3 parameter. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

XSS Samsung Smartviewer Hrd 1642 Firmware Hrd 842 Firmware +7
NVD
CVSS 3.1
6.1
EPSS
1.6%
CVE-2015-8040 MEDIUM This Month

The rtsp_getdlsendtime method in the CNC_Ctrl control in Samsung SmartViewer allows remote attackers to execute arbitrary code via an index value. Rated medium severity (CVSS 6.8), this vulnerability is remotely exploitable. No vendor patch available.

RCE Samsung Smartviewer
NVD
CVSS 2.0
6.8
EPSS
1.9%
CVE-2015-8039 MEDIUM This Month

Samsung SmartViewer allows remote attackers to execute arbitrary code via unspecified vectors to the (1) DVRSetupSave method in the STWAxConfig control or (2) SendCustomPacket method in the. Rated medium severity (CVSS 6.8), this vulnerability is remotely exploitable. No vendor patch available.

RCE Samsung Smartviewer
NVD
CVSS 2.0
6.8
EPSS
2.1%
CVE-2014-9265 MEDIUM POC This Month

Stack-based buffer overflow in the BackupToAvi method in the CNC_Ctrl ActiveX control in Samsung SmartViewer allows remote attackers to execute arbitrary code via unspecified vectors. Rated medium severity (CVSS 6.8), this vulnerability is remotely exploitable. Public exploit code available and no vendor patch available.

RCE Samsung Buffer Overflow Smartviewer
NVD Exploit-DB
CVSS 2.0
6.8
EPSS
8.6%
EPSS 2% CVSS 6.1
MEDIUM POC This Month

Web Viewer for Hanwha DVR 2.17 and Smart Viewer in Samsung Web Viewer for Samsung DVR are vulnerable to XSS via the /cgi-bin/webviewer_login_page data3 parameter. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

XSS Samsung Smartviewer +9
NVD
EPSS 2% CVSS 6.8
MEDIUM This Month

The rtsp_getdlsendtime method in the CNC_Ctrl control in Samsung SmartViewer allows remote attackers to execute arbitrary code via an index value. Rated medium severity (CVSS 6.8), this vulnerability is remotely exploitable. No vendor patch available.

RCE Samsung Smartviewer
NVD
EPSS 2% CVSS 6.8
MEDIUM This Month

Samsung SmartViewer allows remote attackers to execute arbitrary code via unspecified vectors to the (1) DVRSetupSave method in the STWAxConfig control or (2) SendCustomPacket method in the. Rated medium severity (CVSS 6.8), this vulnerability is remotely exploitable. No vendor patch available.

RCE Samsung Smartviewer
NVD
EPSS 9% CVSS 6.8
MEDIUM POC This Month

Stack-based buffer overflow in the BackupToAvi method in the CNC_Ctrl ActiveX control in Samsung SmartViewer allows remote attackers to execute arbitrary code via unspecified vectors. Rated medium severity (CVSS 6.8), this vulnerability is remotely exploitable. Public exploit code available and no vendor patch available.

RCE Samsung Buffer Overflow +1
NVD Exploit-DB

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy