CVSS: 6.9EPSS: 0%CPEs: 1EXPL: 1CVE-2024-5096 – Hipcam Device MAC Address wifi.mac information disclosure
https://notcve.org/view.php?id=CVE-2024-5096
19 May 2024 — A vulnerability classified as problematic was found in Hipcam Device up to 20240511. This vulnerability affects unknown code of the file /log/wifi.mac of the component MAC Address Handler. The manipulation leads to information disclosure. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. • https://netsecfish.notion.site/Unauthorized-Access-to-MAC-Address-in-Hipcam-Device-a9a8daeeda954e83af847eb27805dc99?pvs=4 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 1CVE-2023-50685
https://notcve.org/view.php?id=CVE-2023-50685
02 May 2024 — An issue in Hipcam Cameras RealServer v.1.0 allows a remote attacker to cause a denial of service via a crafted script to the client_port parameter. Un problema en Hipcam Cameras RealServer v.1.0 permite que un atacante remoto provoque una denegación de servicio a través de un script manipulado en el parámetro client_port. • https://github.com/MaximilianJungblut/Hipcam-RTSP-Format-Validation-Vulnerability • CWE-400: Uncontrolled Resource Consumption •
CVSS: 7.7EPSS: 0%CPEs: 3EXPL: 1CVE-2022-38970
https://notcve.org/view.php?id=CVE-2022-38970
26 Sep 2022 — ieGeek IG20 hipcam RealServer V1.0 is vulnerable to Incorrect Access Control. The algorithm used to generate device IDs (UIDs) for devices that utilize Shenzhen Yunni Technology iLnkP2P suffers from a predictability flaw that allows remote attackers to establish direct connections to arbitrary devices. ieGeek IG20 hipcam RealServer versión V1.0, es vulnerable a un control de acceso incorrecto. El algoritmo usado para generar IDs de dispositivos (UIDs) para los dispositivos que usan Shenzhen Yunni Technology... • https://www.realinfosec.net/cybersecurity-news/iegeek-vulnerabilities-still-prevalent-in-2022-amazon-ft-ig20 • CWE-330: Use of Insufficiently Random Values •