Vulnerabilities (CVE)

Filtered by vendor Androvideo Subscribe

Filtered by product Vd 1 Firmware

CVSS v3 Filter

ALL

NONE (0.0) LOW (0.1 - 3.9) MEDIUM (4.0 - 6.9) HIGH (7.0 - 8.9) CRITICAL (9.0 - 10.0)

Search

Total 2 CVE

CVE	Vendors	Products	Updated	CVSS v2	CVSS v3
CVE-2019-13408	2 Androvideo, Geovision	6 Vd 1, Vd 1 Firmware, Gv-vd8700 and 3 more	2020-10-08	5.0 MEDIUM	7.5 HIGH
A relative path traversal vulnerability found in Advan VD-1 firmware versions up to 230. It allows attackers to download arbitrary files via url cgibin/ExportSettings.cgi?Download=filepath, without any authentication.
CVE-2019-13406	1 Androvideo	2 Vd 1, Vd 1 Firmware	2020-08-24	5.0 MEDIUM	7.5 HIGH
A broken access control vulnerability found in Advan VD-1 firmware versions up to 230. An attacker can send a POST request to cgibin/ApkUpload.cgi to install arbitrary APK without any authentication.