Vulnerabilities > DW
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-07-19 | CVE-2022-34534 | Unspecified vulnerability in DW Spectrum Server Firmware 4.2.0.32842 Digital Watchdog DW Spectrum Server 4.2.0.32842 allows attackers to access sensitive infromation via a crafted API call. | 7.5 |
| 2022-07-19 | CVE-2022-34535 | Improper Authentication vulnerability in DW Megapix Firmware 4.2.0.32842 Digital Watchdog DW MEGApix IP cameras A7.2.2_20211029 allows unauthenticated attackers to view internal paths and scripts via web files. | 7.5 |
| 2022-07-19 | CVE-2022-34536 | Session Fixation vulnerability in DW Megapix Firmware 4.2.0.32842 Digital Watchdog DW MEGApix IP cameras A7.2.2_20211029 allows attackers to access the core log file and perform session hijacking via a crafted session token. | 7.5 |
| 2022-07-19 | CVE-2022-34537 | Cross-site Scripting vulnerability in DW Megapix Firmware 4.2.0.32842 Digital Watchdog DW MEGApix IP cameras A7.2.2_20211029 was discovered to contain a cross-site scripting (XSS) vulnerability via the component bia_oneshot.cgi. | 5.4 |
| 2022-07-19 | CVE-2022-34538 | OS Command Injection vulnerability in DW Megapix Firmware 4.2.0.32842 Digital Watchdog DW MEGApix IP cameras A7.2.2_20211029 was discovered to contain a command injection vulnerability in the component /admin/vca/bia/addacph.cgi. | 8.8 |
| 2022-07-19 | CVE-2022-34539 | OS Command Injection vulnerability in DW Megapix Firmware 4.2.0.32842 Digital Watchdog DW MEGApix IP cameras A7.2.2_20211029 was discovered to contain a command injection vulnerability in the component /admin/curltest.cgi. | 8.8 |
| 2022-07-19 | CVE-2022-34540 | OS Command Injection vulnerability in DW Megapix Firmware 4.2.0.32842 Digital Watchdog DW MEGApix IP cameras A7.2.2_20211029 was discovered to contain a command injection vulnerability in the component /admin/vca/license/license_tok.cgi. | 8.8 |