Dw: >> Megapix Firmware >> 4.2.0.32842 Security Vulnerabilities
Digital Watchdog DW MEGApix IP cameras A7.2.2_20211029 allows unauthenticated attackers to view internal paths and scripts via web files.
CVSS Score
7.5
EPSS Score
0.006
Published
2022-07-19
Digital Watchdog DW MEGApix IP cameras A7.2.2_20211029 allows attackers to access the core log file and perform session hijacking via a crafted session token.
CVSS Score
7.5
EPSS Score
0.003
Published
2022-07-19
Digital Watchdog DW MEGApix IP cameras A7.2.2_20211029 was discovered to contain a cross-site scripting (XSS) vulnerability via the component bia_oneshot.cgi.
CVSS Score
5.4
EPSS Score
0.002
Published
2022-07-19
Digital Watchdog DW MEGApix IP cameras A7.2.2_20211029 was discovered to contain a command injection vulnerability in the component /admin/vca/bia/addacph.cgi. This vulnerability is exploitable via a crafted POST request.
CVSS Score
8.8
EPSS Score
0.006
Published
2022-07-19
Digital Watchdog DW MEGApix IP cameras A7.2.2_20211029 was discovered to contain a command injection vulnerability in the component /admin/curltest.cgi. This vulnerability is exploitable via a crafted POST request.
CVSS Score
8.8
EPSS Score
0.015
Published
2022-07-19
Digital Watchdog DW MEGApix IP cameras A7.2.2_20211029 was discovered to contain a command injection vulnerability in the component /admin/vca/license/license_tok.cgi. This vulnerability is exploitable via a crafted POST request.
CVSS Score
8.8
EPSS Score
0.015
Published
2022-07-19