CVSS: 8.8EPSS: 0%CPEs: 1EXPL: 0CVE-2024-39091
https://notcve.org/view.php?id=CVE-2024-39091
12 Aug 2024 — An OS command injection vulnerability in the ccm_debug component of MIPC Camera firmware prior to v5.4.1.240424171021 allows attackers within the same network to execute arbitrary code via a crafted HTML request. • https://joerngermany.github.io/mipc_vulnerability • CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') •
CVSS: 10.0EPSS: 47%CPEs: 4EXPL: 0CVE-2021-32941 – Annke Network Video Recorder - Stack-based Buffer Overflow
https://notcve.org/view.php?id=CVE-2021-32941
23 May 2022 — Annke N48PBB (Network Video Recorder) products of version 3.4.106 build 200422 and prior are vulnerable to a stack-based buffer overflow, which allows an unauthorized remote attacker to execute arbitrary code with the same privileges as the server user (root). Los productos Annke N48PBB (Network Video Recorder) versión 3.4.106 build 200422 y anteriores, son vulnerables a un desbordamiento del búfer en la región stack de la memoria, que permite a un atacante remoto no autorizado ejecutar código arbitrario co... • https://www.cisa.gov/uscert/ics/advisories/icsa-21-238-02 • CWE-121: Stack-based Buffer Overflow CWE-787: Out-of-bounds Write •
CVSS: 6.1EPSS: 0%CPEs: 2EXPL: 1CVE-2017-18483
https://notcve.org/view.php?id=CVE-2017-18483
07 Aug 2019 — ANNKE SP1 HD wireless camera 3.4.1.1604071109 devices allow XSS via a crafted SSID. Los dispositivos de cámara inalámbrica SP1 HD de ANNKE versión 3.4.1.1604071109, permiten un ataque de tipo XSS por medio de un SSID diseñado. • https://www.pentestpartners.com/security-blog/nifty-xss-in-annke-sp1-hd-wireless-camera • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •