Vulnerabilities > Ezviz

DATE CVE VULNERABILITY TITLE RISK
2023-12-04 CVE-2023-41613 Uncontrolled Search Path Element vulnerability in Ezviz Studio 2.2.0
EzViz Studio v2.2.0 is vulnerable to DLL hijacking.
local
low complexity
ezviz CWE-427
7.8
2023-11-28 CVE-2023-48121 Improper Authentication vulnerability in Ezviz products
An authentication bypass vulnerability in the Direct Connection Module in Ezviz CS-C6N-xxx prior to v5.3.x build 20230401, Ezviz CS-CV310-xxx prior to v5.3.x build 20230401, Ezviz CS-C6CN-xxx prior to v5.3.x build 20230401, Ezviz CS-C3N-xxx prior to v5.3.x build 20230401 allows remote attackers to obtain sensitive information by sending crafted messages to the affected devices.
network
low complexity
ezviz CWE-287
5.3
2023-08-01 CVE-2023-34551 Out-of-bounds Write vulnerability in Ezviz products
In certain EZVIZ products, two stack buffer overflows in netClientSetWlanCfg function of the EZVIZ SDK command server can allow an authenticated attacker present on the same local network as the camera to achieve remote code execution.
low complexity
ezviz CWE-787
8.0
2023-08-01 CVE-2023-34552 Out-of-bounds Write vulnerability in Ezviz products
In certain EZVIZ products, two stack based buffer overflows in mulicast_parse_sadp_packet and mulicast_get_pack_type functions of the SADP multicast protocol can allow an unauthenticated attacker present on the same local network as the camera to achieve remote code execution.
low complexity
ezviz CWE-787
8.8
2022-09-15 CVE-2022-2471 Unspecified vulnerability in Ezviz products
Stack-based Buffer Overflow vulnerability in the EZVIZ Motion Detection component as used in camera models CS-CV248, CS-C6N-A0-1C2WFR, CS-DB1C-A0-1E2W2FR, CS-C6N-B0-1G2WF, CS-C3W-A0-3H4WFRL allows a remote attacker to execute remote code on the device.
network
low complexity
ezviz
critical
9.8
2022-09-15 CVE-2022-2472 Unspecified vulnerability in Ezviz Cs-C6N-A0-1C2Wfr Firmware 5.3.0
Improper Initialization vulnerability in the local server component of EZVIZ CS-C6N-A0-1C2WFR allows a local attacker to read the contents of the memory space containing the encrypted admin password.
local
low complexity
ezviz
5.5