[SYSS-2024-030]: C-MOR Video Surveillance - OS Command Injection (CWE-78) - Cyber Security News

Read Time:19 Second

Posted by Matthias Deeg via Fulldisclosure on Sep 05

Advisory ID: SYSS-2024-030
Product: C-MOR Video Surveillance
Manufacturer: za-internet GmbH
Affected Version(s): 5.2401, 6.00PL01
Tested Version(s): 5.2401, 6.00PL01
Vulnerability Type: OS Command Injection (CWE-78)
Risk Level: High
Solution Status: Open
Manufacturer Notification: 2024-04-05
Solution Date: –
Public Disclosure: 2024-09-04…

More Stories

USN-7015-1: Python vulnerabilities

It was discovered that the Python email module incorrectly parsed email addresses that contain special characters. A remote attacker could...

September 16, 2024

USN-7014-1: nginx vulnerability

It was discovered that the nginx ngx_http_mp4 module incorrectly handled certain malformed mp4 files. In environments where the mp4 directive...

September 16, 2024

USN-7013-1: Dovecot vulnerabilities

It was discovered that Dovecot incorrectly handled a large number of address headers. A remote attacker could possibly use this...

September 16, 2024

USN-7012-1: curl vulnerability

Hiroki Kurosawa discovered that curl incorrectly handled certain OCSP responses. This could result in bad certificates not being checked properly,...

September 16, 2024

USN-7011-1: ClamAV vulnerabilities

It was discovered that ClamAV incorrectly handled certain PDF files. A remote attacker could possibly use this issue to cause...

September 16, 2024

USN-6560-3: OpenSSH vulnerability

USN-6560-2 fixed a vulnerability in OpenSSH. This update provides the corresponding update for Ubuntu 16.04 LTS. Original advisory details: It...

September 16, 2024