Vulnerabilities > Panasonic
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-01-17 | CVE-2022-4621 | Cross-Site Request Forgery (CSRF) vulnerability in Panasonic products Panasonic Sanyo CCTV Network Cameras versions 1.02-05 and 2.03-0x are vulnerable to CSRFs that can be exploited to allow an attacker to perform changes with administrator level privileges. | 8.8 |
| 2021-07-09 | CVE-2021-32972 | XXE vulnerability in Panasonic Fpwin PRO 7.5.0.1 Panasonic FPWIN Pro, all Versions 7.5.1.1 and prior, allows an attacker to craft a project file specifying a URI that causes the XML parser to access the URI and embed the contents, which may allow the attacker to disclose information that is accessible in the context of the user executing software. | 4.3 |
| 2021-02-05 | CVE-2021-20623 | Cleartext Transmission of Sensitive Information vulnerability in Panasonic Video Insight VMS 7.3.2.5/7.5 Video Insight VMS versions prior to 7.8 allows a remote attacker to execute arbitrary code with the system user privilege by sending a specially crafted request. | 10.0 |
| 2021-01-26 | CVE-2020-16236 | Out-of-bounds Read vulnerability in Panasonic Fpwin PRO FPWIN Pro is vulnerable to an out-of-bounds read vulnerability when a user opens a maliciously crafted project file, which may allow an attacker to remotely execute arbitrary code. | 6.8 |
| 2020-12-28 | CVE-2020-29194 | Unspecified vulnerability in Panasonic Wv-S2231L Firmware 4.25 Panasonic Security System WV-S2231L 4.25 allows a denial of service of the admin control panel (which will require a physical reset to restore administrative control) via Randomnum=99AC8CEC6E845B28&mode=1 in a POST request to the cgi-bin/set_factory URI. | 5.0 |
| 2020-12-28 | CVE-2020-29193 | Use of Hard-coded Credentials vulnerability in Panasonic Wv-S2231L Firmware 4.25 Panasonic Security System WV-S2231L 4.25 has an insecure hard-coded password of lkjhgfdsa (which is just the asdf keyboard row in reverse order). | 2.1 |
| 2020-05-20 | CVE-2020-11716 | Incorrect Default Permissions vulnerability in Panasonic products Panasonic P110, Eluga Z1 Pro, Eluga X1, and Eluga X1 Pro devices through 2020-04-10 have Insecure Permissions. | 9.8 |
| 2020-05-20 | CVE-2019-5997 | Code Injection vulnerability in Panasonic Video Insight VMS 7.3.2.5/7.5 Video Insight VMS 7.5 and earlier allows remote attackers to conduct code injection attacks via unspecified vectors. | 7.5 |
| 2020-05-19 | CVE-2020-11715 | Unspecified vulnerability in Panasonic P99 Firmware 20200410 Panasonic P99 devices through 2020-04-10 have Incorrect Access Control. | 7.5 |
| 2019-11-14 | CVE-2019-15429 | Externally Controlled Reference to a Resource in Another Sphere vulnerability in Panasonic Eluga I9 Firmware The Panasonic ELUGA_I9 Android device with a build fingerprint of Panasonic/ELUGA_I9/ELUGA_I9:7.0/NRD90M/1501740649:user/release-keys contains a pre-installed app with a package name of com.ovvi.modem app (versionCode=1, versionName=1) that allows unauthorized attacker-controlled at command via a confused deputy attack. | 7.2 |