Vulnerabilities > Ezviz > CS Cv310 A0 1C2Wfr Firmware

DATE CVE VULNERABILITY TITLE RISK
2023-11-28 CVE-2023-48121 Improper Authentication vulnerability in Ezviz products
An authentication bypass vulnerability in the Direct Connection Module in Ezviz CS-C6N-xxx prior to v5.3.x build 20230401, Ezviz CS-CV310-xxx prior to v5.3.x build 20230401, Ezviz CS-C6CN-xxx prior to v5.3.x build 20230401, Ezviz CS-C3N-xxx prior to v5.3.x build 20230401 allows remote attackers to obtain sensitive information by sending crafted messages to the affected devices.
network
low complexity
ezviz CWE-287
5.3
5.3
2023-08-01 CVE-2023-34551 Out-of-bounds Write vulnerability in Ezviz products
In certain EZVIZ products, two stack buffer overflows in netClientSetWlanCfg function of the EZVIZ SDK command server can allow an authenticated attacker present on the same local network as the camera to achieve remote code execution.
low complexity
ezviz CWE-787
8.0
8.0
2023-08-01 CVE-2023-34552 Out-of-bounds Write vulnerability in Ezviz products
In certain EZVIZ products, two stack based buffer overflows in mulicast_parse_sadp_packet and mulicast_get_pack_type functions of the SADP multicast protocol can allow an unauthenticated attacker present on the same local network as the camera to achieve remote code execution.
low complexity
ezviz CWE-787
8.8
8.8