Servision: Security Vulnerabilities
Servision - CWE-287: Improper Authentication
CVSS Score
8.2
EPSS Score
0.001
Published
2024-08-20
time.htm in the web interface on SerVision HVG Video Gateway devices with firmware through 2.2.26a100 allows remote authenticated users to gain privileges by leveraging a cookie received in an HTTP response, a different vulnerability than CVE-2015-0929 and CVE-2015-0930.
CVSS Score
9.0
EPSS Score
0.003
Published
2015-02-03
time.htm in the web interface on SerVision HVG Video Gateway devices with firmware before 2.2.26a78 allows remote attackers to bypass authentication and obtain administrative access by leveraging a cookie received in an HTTP response.
CVSS Score
10.0
EPSS Score
0.011
Published
2015-02-03
The web interface on SerVision HVG Video Gateway devices with firmware before 2.2.26a100 has a hardcoded administrative password, which makes it easier for remote attackers to obtain access via an HTTP session.
CVSS Score
10.0
EPSS Score
0.006
Published
2015-02-03