Vulnerabilities > Meritlilin > Z2R8022Ex25 Firmware

DATE CVE VULNERABILITY TITLE RISK
2021-04-28 CVE-2021-30166 OS Command Injection vulnerability in Meritlilin products
The NTP Server configuration function of the IP camera device is not verified with special parameters.
network
low complexity
meritlilin CWE-78
critical
 9.0
9.0
2021-04-28 CVE-2021-30169 Insufficiently Protected Credentials vulnerability in Meritlilin products
The sensitive information of webcam device is not properly protected.
network
low complexity
meritlilin CWE-522
7.5
7.5
2021-04-28 CVE-2021-30168 Insufficiently Protected Credentials vulnerability in Meritlilin products
The sensitive information of webcam device is not properly protected.
network
low complexity
meritlilin CWE-522
critical
 9.8
9.8
2021-04-28 CVE-2021-30167 Missing Authentication for Critical Function vulnerability in Meritlilin products
The manage users profile services of the network camera device allows an authenticated.
network
low complexity
meritlilin CWE-306
critical
 9.8
9.8