Vulnerabilities > Abus > Tvip 31001 Firmware

DATE CVE VULNERABILITY TITLE RISK
2023-10-26 CVE-2018-16739 Path Traversal vulnerability in Abus products
An issue was discovered on certain ABUS TVIP devices.
network
low complexity
abus CWE-22
8.8
2023-10-26 CVE-2018-17558 Use of Hard-coded Credentials vulnerability in Abus products
Hardcoded manufacturer credentials and an OS command injection vulnerability in the /cgi-bin/mft/ directory on ABUS TVIP TVIP20050 LM.1.6.18, TVIP10051 LM.1.6.18, TVIP11050 MG.1.6.03.05, TVIP20550 LM.1.6.18, TVIP10050 LM.1.6.18, TVIP11550 MG.1.6.03, TVIP21050 MG.1.6.03, and TVIP51550 MG.1.6.03 cameras allow remote attackers to execute code as root.
network
low complexity
abus CWE-798
critical
9.8
2023-10-26 CVE-2018-17559 Link Following vulnerability in Abus products
Due to incorrect access control, unauthenticated remote attackers can view the /video.mjpg video stream of certain ABUS TVIP cameras.
network
low complexity
abus CWE-59
7.5
2023-10-26 CVE-2018-17878 Classic Buffer Overflow vulnerability in Abus products
Buffer Overflow vulnerability in certain ABUS TVIP cameras allows attackers to gain control of the program via crafted string sent to sprintf() function.
network
low complexity
abus CWE-120
critical
9.8
2023-10-26 CVE-2018-17879 OS Command Injection vulnerability in Abus products
An issue was discovered on certain ABUS TVIP cameras.
network
low complexity
abus CWE-78
critical
9.8