Vulnerabilities > Microdigital

DATE CVE VULNERABILITY TITLE RISK
2019-08-06 CVE-2019-14709 Insufficiently Protected Credentials vulnerability in Microdigital products
A cleartext password storage issue was discovered on MicroDigital N-series cameras with firmware through 6400.0.8.5.
network
low complexity
microdigital CWE-522
critical
9.8
2019-08-06 CVE-2019-14708 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Microdigital products
An issue was discovered on MicroDigital N-series cameras with firmware through 6400.0.8.5.
network
low complexity
microdigital CWE-119
critical
9.8
2019-08-06 CVE-2019-14707 Unspecified vulnerability in Microdigital products
An issue was discovered on MicroDigital N-series cameras with firmware through 6400.0.8.5.
network
low complexity
microdigital
7.2
2019-08-06 CVE-2019-14706 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Microdigital products
A denial of service issue in HTTPD was discovered on MicroDigital N-series cameras with firmware through 6400.0.8.5.
network
low complexity
microdigital CWE-119
7.5
2019-08-06 CVE-2019-14705 Improper Authentication vulnerability in Microdigital products
An Incorrect Access Control issue was discovered on MicroDigital N-series cameras with firmware through 6400.0.8.5 because any valid cookie can be used to make requests as an admin.
network
low complexity
microdigital CWE-287
7.2
2019-08-06 CVE-2019-14704 Server-Side Request Forgery (SSRF) vulnerability in Microdigital products
An SSRF issue was discovered in HTTPD on MicroDigital N-series cameras with firmware through 6400.0.8.5 via FTP commands following a newline character in the uploadfile field.
network
low complexity
microdigital CWE-918
critical
9.8
2019-08-06 CVE-2019-14703 Cross-Site Request Forgery (CSRF) vulnerability in Microdigital products
A CSRF issue was discovered in webparam?user&action=set&param=add in HTTPD on MicroDigital N-series cameras with firmware through 6400.0.8.5 to create an admin account.
network
low complexity
microdigital CWE-352
8.8
2019-08-06 CVE-2019-14702 SQL Injection vulnerability in Microdigital products
An issue was discovered on MicroDigital N-series cameras with firmware through 6400.0.8.5.
network
low complexity
microdigital CWE-89
critical
9.8
2019-08-06 CVE-2019-14701 Path Traversal vulnerability in Microdigital products
An issue was discovered on MicroDigital N-series cameras with firmware through 6400.0.8.5.
network
low complexity
microdigital CWE-22
7.5
2019-08-06 CVE-2019-14700 Path Traversal vulnerability in Microdigital products
An issue was discovered on MicroDigital N-series cameras with firmware through 6400.0.8.5.
network
low complexity
microdigital CWE-22
7.5