Vulnerabilities > Avtech

DATE CVE VULNERABILITY TITLE RISK
2019-12-27 CVE-2013-4982 Improper Authentication vulnerability in Avtech Avn801 DVR Firmware 1017100310091003
AVTECH AVN801 DVR has a security bypass via the administration login captcha
network
low complexity
avtech CWE-287
7.5
2019-07-07 CVE-2019-13379 Exposure of Resource to Wrong Sphere vulnerability in Avtech Room Alert 3E Firmware
On AVTECH Room Alert 3E devices before 2.2.5, an attacker with access to the device's web interface may escalate privileges from an unauthenticated user to administrator by performing a cmd.cgi?action=ResetDefaults&src=RA reset and using the default credentials to get in.
network
low complexity
avtech CWE-668
critical
9.0
2014-03-03 CVE-2013-4981 Buffer Errors vulnerability in Avtech Avn801 DVR and Avn801 DVR Firmware
Buffer overflow in cgi-bin/user/Config.cgi in AVTECH AVN801 DVR with firmware 1017-1003-1009-1003 and earlier, and possibly other devices, allows remote attackers to cause a denial of service (device crash) and possibly execute arbitrary code via a long string in the Network.SMTP.Receivers parameter.
network
low complexity
avtech CWE-119
critical
9.0
2014-03-03 CVE-2013-4980 Buffer Errors vulnerability in Avtech Avn801 DVR and Avn801 DVR Firmware
Buffer overflow in the RTSP Packet Handler in AVTECH AVN801 DVR with firmware 1017-1003-1009-1003 and earlier, and possibly other devices, allows remote attackers to cause a denial of service (device crash) and possibly execute arbitrary code via a long string in the URI in an RTSP SETUP request.
network
low complexity
avtech CWE-119
critical
9.0
2008-09-05 CVE-2008-3939 Path Traversal vulnerability in Avtech Pager Enterprise 4.3.7
Directory traversal vulnerability in the web interface in AVTECH PageR Enterprise before 5.0.7 allows remote attackers to read arbitrary files via directory traversal sequences in the URI.
network
low complexity
avtech CWE-22
5.0