Filtered by vendor Cohuhd
                        
                        Subscribe
                        
                        
                    
                    
                
                    Total
                    5 CVE
                
            | CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 | 
|---|---|---|---|---|---|
| CVE-2017-8864 | 1 Cohuhd | 2 3960hd, 3960hd Firmware | 2025-04-20 | 10.0 HIGH | 9.8 CRITICAL | 
| Client-side enforcement using JavaScript of server-side security options on the Cohu 3960HD allows an attacker to manipulate options sent to the camera and cause malfunction or code execution, as demonstrated by a client-side "if (!passwordsAreEqual())" test. | |||||
| CVE-2017-8860 | 1 Cohuhd | 2 3960hd, 3960hd Firmware | 2025-04-20 | 5.0 MEDIUM | 6.5 MEDIUM | 
| Information disclosure through directory listing on the Cohu 3960HD allows an attacker to view and download source code, log files, and other sensitive device information via a specially crafted web request with an extra / character, such as a "GET // HTTP/1.1" request. | |||||
| CVE-2017-8861 | 1 Cohuhd | 2 3960hd, 3960hd Firmware | 2025-04-20 | 7.5 HIGH | 9.8 CRITICAL | 
| Missing authentication for the remote configuration port 1236/tcp on the Cohu 3960HD allows an attacker to change configuration parameters such as IP address and username/password via specially crafted XML SOAP packets. | |||||
| CVE-2017-8863 | 1 Cohuhd | 2 3960hd, 3960hd Firmware | 2025-04-20 | 5.0 MEDIUM | 7.5 HIGH | 
| Information disclosure of .esp source code on the Cohu 3960 allows an attacker to view sensitive information such as application logic with a simple web browser. | |||||
| CVE-2017-8862 | 1 Cohuhd | 2 3960hd, 3960hd Firmware | 2025-04-20 | 10.0 HIGH | 9.8 CRITICAL | 
| The webupgrade function on the Cohu 3960HD does not verify the firmware upgrade files or process, allowing an attacker to upload a specially crafted postinstall.sh file that will be executed with "root" privileges. | |||||
