Vulnerabilities > Honeywell > Hdzp252Di Firmware > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-02-24 | CVE-2021-39364 | Authentication Bypass by Capture-replay vulnerability in Honeywell Hbw2Per1 Firmware and Hdzp252Di Firmware Honeywell HDZP252DI 1.00.HW02.4 and HBW2PER1 1.000.HW01.3 devices allow command spoofing (for camera control) after ARP cache poisoning has been achieved. | 7.5 |
| 2019-10-31 | CVE-2019-18230 | Missing Authentication for Critical Function vulnerability in Honeywell products Honeywell equIP and Performance series IP cameras, multiple versions, A vulnerability exists where the affected product allows unauthenticated access to audio streaming over HTTP. | 7.5 |
| 2019-10-31 | CVE-2019-18228 | Improper Input Validation vulnerability in Honeywell products Honeywell equIP series IP cameras Multiple equIP Series Cameras, A vulnerability exists in the affected products where a specially crafted HTTP packet request could result in a denial of service. | 7.5 |