Search

Find a vulnerability

Search criteria Use this form to refine search results.
Full-text search supports keyword queries with ranking and filtering.
You can combine vendor, product, and sources to narrow results.
Enable “Apply ordering” to sort by date instead of relevance.

    10 vulnerabilities found for ip_security_camera_firmware by milesight

    CVE-2016-2357 (GCVE-0-2016-2357)

    Vulnerability from cvelistv5 – Published: 2019-10-25 12:46 – Updated: 2024-08-05 23:24
    VLAI
    Summary
    Milesight IP security cameras through 2016-11-14 have a hardcoded SSL private key under the /etc/config directory.
    Severity
    No CVSS data available.
    CWE
    • hardcoded key
    Assigner
    Impacted products
    Vendor Product Version
    Milesight IP security cameras Affected: through 2016-11-14
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-05T23:24:49.174Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://possiblesecurity.com/news/vulnerabilities-of-milesight-ip-security-cameras/"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "http://kirils.org/slides/2016-10-06_Milesight_initial.pdf"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://www.youtube.com/watch?v=scckkI7CAW0"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "IP security cameras",
              "vendor": "Milesight",
              "versions": [
                {
                  "status": "affected",
                  "version": "through 2016-11-14"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "Milesight IP security cameras through 2016-11-14 have a hardcoded SSL private key under the /etc/config directory."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "hardcoded key",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2019-10-25T12:46:48.000Z",
            "orgId": "37e5125f-f79b-445b-8fad-9564f167944b",
            "shortName": "certcc"
          },
          "references": [
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://possiblesecurity.com/news/vulnerabilities-of-milesight-ip-security-cameras/"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "http://kirils.org/slides/2016-10-06_Milesight_initial.pdf"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://www.youtube.com/watch?v=scckkI7CAW0"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cert@cert.org",
              "ID": "CVE-2016-2357",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "IP security cameras",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "through 2016-11-14"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "Milesight"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Milesight IP security cameras through 2016-11-14 have a hardcoded SSL private key under the /etc/config directory."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "hardcoded key"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "https://possiblesecurity.com/news/vulnerabilities-of-milesight-ip-security-cameras/",
                  "refsource": "MISC",
                  "url": "https://possiblesecurity.com/news/vulnerabilities-of-milesight-ip-security-cameras/"
                },
                {
                  "name": "http://kirils.org/slides/2016-10-06_Milesight_initial.pdf",
                  "refsource": "MISC",
                  "url": "http://kirils.org/slides/2016-10-06_Milesight_initial.pdf"
                },
                {
                  "name": "https://www.youtube.com/watch?v=scckkI7CAW0",
                  "refsource": "MISC",
                  "url": "https://www.youtube.com/watch?v=scckkI7CAW0"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "37e5125f-f79b-445b-8fad-9564f167944b",
        "assignerShortName": "certcc",
        "cveId": "CVE-2016-2357",
        "datePublished": "2019-10-25T12:46:48.000Z",
        "dateReserved": "2016-02-12T00:00:00.000Z",
        "dateUpdated": "2024-08-05T23:24:49.174Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2016-2356 (GCVE-0-2016-2356)

    Vulnerability from cvelistv5 – Published: 2019-10-25 12:46 – Updated: 2024-08-05 23:24
    VLAI
    Summary
    Milesight IP security cameras through 2016-11-14 have a buffer overflow in a web application via a long username or password.
    Severity
    No CVSS data available.
    CWE
    • buffer overflow
    Assigner
    Impacted products
    Vendor Product Version
    Milesight IP security cameras Affected: through 2016-11-14
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-05T23:24:49.100Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://possiblesecurity.com/news/vulnerabilities-of-milesight-ip-security-cameras/"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "http://kirils.org/slides/2016-10-06_Milesight_initial.pdf"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://www.youtube.com/watch?v=scckkI7CAW0"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "IP security cameras",
              "vendor": "Milesight",
              "versions": [
                {
                  "status": "affected",
                  "version": "through 2016-11-14"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "Milesight IP security cameras through 2016-11-14 have a buffer overflow in a web application via a long username or password."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "buffer overflow",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2019-10-25T12:46:38.000Z",
            "orgId": "37e5125f-f79b-445b-8fad-9564f167944b",
            "shortName": "certcc"
          },
          "references": [
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://possiblesecurity.com/news/vulnerabilities-of-milesight-ip-security-cameras/"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "http://kirils.org/slides/2016-10-06_Milesight_initial.pdf"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://www.youtube.com/watch?v=scckkI7CAW0"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cert@cert.org",
              "ID": "CVE-2016-2356",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "IP security cameras",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "through 2016-11-14"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "Milesight"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Milesight IP security cameras through 2016-11-14 have a buffer overflow in a web application via a long username or password."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "buffer overflow"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "https://possiblesecurity.com/news/vulnerabilities-of-milesight-ip-security-cameras/",
                  "refsource": "MISC",
                  "url": "https://possiblesecurity.com/news/vulnerabilities-of-milesight-ip-security-cameras/"
                },
                {
                  "name": "http://kirils.org/slides/2016-10-06_Milesight_initial.pdf",
                  "refsource": "MISC",
                  "url": "http://kirils.org/slides/2016-10-06_Milesight_initial.pdf"
                },
                {
                  "name": "https://www.youtube.com/watch?v=scckkI7CAW0",
                  "refsource": "MISC",
                  "url": "https://www.youtube.com/watch?v=scckkI7CAW0"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "37e5125f-f79b-445b-8fad-9564f167944b",
        "assignerShortName": "certcc",
        "cveId": "CVE-2016-2356",
        "datePublished": "2019-10-25T12:46:38.000Z",
        "dateReserved": "2016-02-12T00:00:00.000Z",
        "dateUpdated": "2024-08-05T23:24:49.100Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2016-2359 (GCVE-0-2016-2359)

    Vulnerability from cvelistv5 – Published: 2019-10-25 12:46 – Updated: 2024-08-05 23:24
    VLAI
    Summary
    Milesight IP security cameras through 2016-11-14 allow remote attackers to bypass authentication and access a protected resource by simultaneously making a request for the unprotected vb.htm resource.
    Severity
    No CVSS data available.
    CWE
    • incorrect access control
    Assigner
    Impacted products
    Vendor Product Version
    Milesight IP security cameras Affected: through 2016-11-14
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-05T23:24:49.143Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://possiblesecurity.com/news/vulnerabilities-of-milesight-ip-security-cameras/"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "http://kirils.org/slides/2016-10-06_Milesight_initial.pdf"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://www.youtube.com/watch?v=scckkI7CAW0"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "IP security cameras",
              "vendor": "Milesight",
              "versions": [
                {
                  "status": "affected",
                  "version": "through 2016-11-14"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "Milesight IP security cameras through 2016-11-14 allow remote attackers to bypass authentication and access a protected resource by simultaneously making a request for the unprotected vb.htm resource."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "incorrect access control",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2019-10-25T12:46:27.000Z",
            "orgId": "37e5125f-f79b-445b-8fad-9564f167944b",
            "shortName": "certcc"
          },
          "references": [
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://possiblesecurity.com/news/vulnerabilities-of-milesight-ip-security-cameras/"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "http://kirils.org/slides/2016-10-06_Milesight_initial.pdf"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://www.youtube.com/watch?v=scckkI7CAW0"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cert@cert.org",
              "ID": "CVE-2016-2359",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "IP security cameras",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "through 2016-11-14"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "Milesight"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Milesight IP security cameras through 2016-11-14 allow remote attackers to bypass authentication and access a protected resource by simultaneously making a request for the unprotected vb.htm resource."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "incorrect access control"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "https://possiblesecurity.com/news/vulnerabilities-of-milesight-ip-security-cameras/",
                  "refsource": "MISC",
                  "url": "https://possiblesecurity.com/news/vulnerabilities-of-milesight-ip-security-cameras/"
                },
                {
                  "name": "http://kirils.org/slides/2016-10-06_Milesight_initial.pdf",
                  "refsource": "MISC",
                  "url": "http://kirils.org/slides/2016-10-06_Milesight_initial.pdf"
                },
                {
                  "name": "https://www.youtube.com/watch?v=scckkI7CAW0",
                  "refsource": "MISC",
                  "url": "https://www.youtube.com/watch?v=scckkI7CAW0"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "37e5125f-f79b-445b-8fad-9564f167944b",
        "assignerShortName": "certcc",
        "cveId": "CVE-2016-2359",
        "datePublished": "2019-10-25T12:46:27.000Z",
        "dateReserved": "2016-02-12T00:00:00.000Z",
        "dateUpdated": "2024-08-05T23:24:49.143Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2016-2358 (GCVE-0-2016-2358)

    Vulnerability from cvelistv5 – Published: 2019-10-25 12:46 – Updated: 2024-08-05 23:24
    VLAI
    Summary
    Milesight IP security cameras through 2016-11-14 have a default set of 10 privileged accounts with hardcoded credentials. They are accessible if the customer has not configured 10 actual user accounts.
    Severity
    No CVSS data available.
    CWE
    • default accounts
    Assigner
    Impacted products
    Vendor Product Version
    Milesight IP security cameras Affected: through 2016-11-14
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-05T23:24:49.116Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://possiblesecurity.com/news/vulnerabilities-of-milesight-ip-security-cameras/"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "http://kirils.org/slides/2016-10-06_Milesight_initial.pdf"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://www.youtube.com/watch?v=scckkI7CAW0"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "IP security cameras",
              "vendor": "Milesight",
              "versions": [
                {
                  "status": "affected",
                  "version": "through 2016-11-14"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "Milesight IP security cameras through 2016-11-14 have a default set of 10 privileged accounts with hardcoded credentials. They are accessible if the customer has not configured 10 actual user accounts."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "default accounts",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2019-10-25T12:46:09.000Z",
            "orgId": "37e5125f-f79b-445b-8fad-9564f167944b",
            "shortName": "certcc"
          },
          "references": [
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://possiblesecurity.com/news/vulnerabilities-of-milesight-ip-security-cameras/"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "http://kirils.org/slides/2016-10-06_Milesight_initial.pdf"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://www.youtube.com/watch?v=scckkI7CAW0"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cert@cert.org",
              "ID": "CVE-2016-2358",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "IP security cameras",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "through 2016-11-14"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "Milesight"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Milesight IP security cameras through 2016-11-14 have a default set of 10 privileged accounts with hardcoded credentials. They are accessible if the customer has not configured 10 actual user accounts."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "default accounts"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "https://possiblesecurity.com/news/vulnerabilities-of-milesight-ip-security-cameras/",
                  "refsource": "MISC",
                  "url": "https://possiblesecurity.com/news/vulnerabilities-of-milesight-ip-security-cameras/"
                },
                {
                  "name": "http://kirils.org/slides/2016-10-06_Milesight_initial.pdf",
                  "refsource": "MISC",
                  "url": "http://kirils.org/slides/2016-10-06_Milesight_initial.pdf"
                },
                {
                  "name": "https://www.youtube.com/watch?v=scckkI7CAW0",
                  "refsource": "MISC",
                  "url": "https://www.youtube.com/watch?v=scckkI7CAW0"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "37e5125f-f79b-445b-8fad-9564f167944b",
        "assignerShortName": "certcc",
        "cveId": "CVE-2016-2358",
        "datePublished": "2019-10-25T12:46:09.000Z",
        "dateReserved": "2016-02-12T00:00:00.000Z",
        "dateUpdated": "2024-08-05T23:24:49.116Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2016-2360 (GCVE-0-2016-2360)

    Vulnerability from cvelistv5 – Published: 2019-10-25 12:45 – Updated: 2024-08-05 23:24
    VLAI
    Summary
    Milesight IP security cameras through 2016-11-14 have a default root password in /etc/shadow that is the same across different customers' installations.
    Severity
    No CVSS data available.
    CWE
    • default password
    Assigner
    Impacted products
    Vendor Product Version
    Milesight IP security cameras Affected: through 2016-11-14
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-05T23:24:49.138Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://possiblesecurity.com/news/vulnerabilities-of-milesight-ip-security-cameras/"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "http://kirils.org/slides/2016-10-06_Milesight_initial.pdf"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://www.youtube.com/watch?v=scckkI7CAW0"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "IP security cameras",
              "vendor": "Milesight",
              "versions": [
                {
                  "status": "affected",
                  "version": "through 2016-11-14"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "Milesight IP security cameras through 2016-11-14 have a default root password in /etc/shadow that is the same across different customers\u0027 installations."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "default password",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2019-10-25T12:45:38.000Z",
            "orgId": "37e5125f-f79b-445b-8fad-9564f167944b",
            "shortName": "certcc"
          },
          "references": [
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://possiblesecurity.com/news/vulnerabilities-of-milesight-ip-security-cameras/"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "http://kirils.org/slides/2016-10-06_Milesight_initial.pdf"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://www.youtube.com/watch?v=scckkI7CAW0"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cert@cert.org",
              "ID": "CVE-2016-2360",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "IP security cameras",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "through 2016-11-14"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "Milesight"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Milesight IP security cameras through 2016-11-14 have a default root password in /etc/shadow that is the same across different customers\u0027 installations."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "default password"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "https://possiblesecurity.com/news/vulnerabilities-of-milesight-ip-security-cameras/",
                  "refsource": "MISC",
                  "url": "https://possiblesecurity.com/news/vulnerabilities-of-milesight-ip-security-cameras/"
                },
                {
                  "name": "http://kirils.org/slides/2016-10-06_Milesight_initial.pdf",
                  "refsource": "MISC",
                  "url": "http://kirils.org/slides/2016-10-06_Milesight_initial.pdf"
                },
                {
                  "name": "https://www.youtube.com/watch?v=scckkI7CAW0",
                  "refsource": "MISC",
                  "url": "https://www.youtube.com/watch?v=scckkI7CAW0"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "37e5125f-f79b-445b-8fad-9564f167944b",
        "assignerShortName": "certcc",
        "cveId": "CVE-2016-2360",
        "datePublished": "2019-10-25T12:45:38.000Z",
        "dateReserved": "2016-02-12T00:00:00.000Z",
        "dateUpdated": "2024-08-05T23:24:49.138Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2016-2357 (GCVE-0-2016-2357)

    Vulnerability from nvd – Published: 2019-10-25 12:46 – Updated: 2024-08-05 23:24
    VLAI
    Summary
    Milesight IP security cameras through 2016-11-14 have a hardcoded SSL private key under the /etc/config directory.
    Severity
    No CVSS data available.
    CWE
    • hardcoded key
    Assigner
    Impacted products
    Vendor Product Version
    Milesight IP security cameras Affected: through 2016-11-14
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-05T23:24:49.174Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://possiblesecurity.com/news/vulnerabilities-of-milesight-ip-security-cameras/"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "http://kirils.org/slides/2016-10-06_Milesight_initial.pdf"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://www.youtube.com/watch?v=scckkI7CAW0"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "IP security cameras",
              "vendor": "Milesight",
              "versions": [
                {
                  "status": "affected",
                  "version": "through 2016-11-14"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "Milesight IP security cameras through 2016-11-14 have a hardcoded SSL private key under the /etc/config directory."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "hardcoded key",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2019-10-25T12:46:48.000Z",
            "orgId": "37e5125f-f79b-445b-8fad-9564f167944b",
            "shortName": "certcc"
          },
          "references": [
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://possiblesecurity.com/news/vulnerabilities-of-milesight-ip-security-cameras/"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "http://kirils.org/slides/2016-10-06_Milesight_initial.pdf"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://www.youtube.com/watch?v=scckkI7CAW0"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cert@cert.org",
              "ID": "CVE-2016-2357",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "IP security cameras",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "through 2016-11-14"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "Milesight"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Milesight IP security cameras through 2016-11-14 have a hardcoded SSL private key under the /etc/config directory."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "hardcoded key"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "https://possiblesecurity.com/news/vulnerabilities-of-milesight-ip-security-cameras/",
                  "refsource": "MISC",
                  "url": "https://possiblesecurity.com/news/vulnerabilities-of-milesight-ip-security-cameras/"
                },
                {
                  "name": "http://kirils.org/slides/2016-10-06_Milesight_initial.pdf",
                  "refsource": "MISC",
                  "url": "http://kirils.org/slides/2016-10-06_Milesight_initial.pdf"
                },
                {
                  "name": "https://www.youtube.com/watch?v=scckkI7CAW0",
                  "refsource": "MISC",
                  "url": "https://www.youtube.com/watch?v=scckkI7CAW0"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "37e5125f-f79b-445b-8fad-9564f167944b",
        "assignerShortName": "certcc",
        "cveId": "CVE-2016-2357",
        "datePublished": "2019-10-25T12:46:48.000Z",
        "dateReserved": "2016-02-12T00:00:00.000Z",
        "dateUpdated": "2024-08-05T23:24:49.174Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2016-2356 (GCVE-0-2016-2356)

    Vulnerability from nvd – Published: 2019-10-25 12:46 – Updated: 2024-08-05 23:24
    VLAI
    Summary
    Milesight IP security cameras through 2016-11-14 have a buffer overflow in a web application via a long username or password.
    Severity
    No CVSS data available.
    CWE
    • buffer overflow
    Assigner
    Impacted products
    Vendor Product Version
    Milesight IP security cameras Affected: through 2016-11-14
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-05T23:24:49.100Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://possiblesecurity.com/news/vulnerabilities-of-milesight-ip-security-cameras/"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "http://kirils.org/slides/2016-10-06_Milesight_initial.pdf"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://www.youtube.com/watch?v=scckkI7CAW0"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "IP security cameras",
              "vendor": "Milesight",
              "versions": [
                {
                  "status": "affected",
                  "version": "through 2016-11-14"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "Milesight IP security cameras through 2016-11-14 have a buffer overflow in a web application via a long username or password."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "buffer overflow",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2019-10-25T12:46:38.000Z",
            "orgId": "37e5125f-f79b-445b-8fad-9564f167944b",
            "shortName": "certcc"
          },
          "references": [
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://possiblesecurity.com/news/vulnerabilities-of-milesight-ip-security-cameras/"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "http://kirils.org/slides/2016-10-06_Milesight_initial.pdf"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://www.youtube.com/watch?v=scckkI7CAW0"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cert@cert.org",
              "ID": "CVE-2016-2356",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "IP security cameras",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "through 2016-11-14"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "Milesight"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Milesight IP security cameras through 2016-11-14 have a buffer overflow in a web application via a long username or password."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "buffer overflow"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "https://possiblesecurity.com/news/vulnerabilities-of-milesight-ip-security-cameras/",
                  "refsource": "MISC",
                  "url": "https://possiblesecurity.com/news/vulnerabilities-of-milesight-ip-security-cameras/"
                },
                {
                  "name": "http://kirils.org/slides/2016-10-06_Milesight_initial.pdf",
                  "refsource": "MISC",
                  "url": "http://kirils.org/slides/2016-10-06_Milesight_initial.pdf"
                },
                {
                  "name": "https://www.youtube.com/watch?v=scckkI7CAW0",
                  "refsource": "MISC",
                  "url": "https://www.youtube.com/watch?v=scckkI7CAW0"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "37e5125f-f79b-445b-8fad-9564f167944b",
        "assignerShortName": "certcc",
        "cveId": "CVE-2016-2356",
        "datePublished": "2019-10-25T12:46:38.000Z",
        "dateReserved": "2016-02-12T00:00:00.000Z",
        "dateUpdated": "2024-08-05T23:24:49.100Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2016-2359 (GCVE-0-2016-2359)

    Vulnerability from nvd – Published: 2019-10-25 12:46 – Updated: 2024-08-05 23:24
    VLAI
    Summary
    Milesight IP security cameras through 2016-11-14 allow remote attackers to bypass authentication and access a protected resource by simultaneously making a request for the unprotected vb.htm resource.
    Severity
    No CVSS data available.
    CWE
    • incorrect access control
    Assigner
    Impacted products
    Vendor Product Version
    Milesight IP security cameras Affected: through 2016-11-14
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-05T23:24:49.143Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://possiblesecurity.com/news/vulnerabilities-of-milesight-ip-security-cameras/"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "http://kirils.org/slides/2016-10-06_Milesight_initial.pdf"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://www.youtube.com/watch?v=scckkI7CAW0"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "IP security cameras",
              "vendor": "Milesight",
              "versions": [
                {
                  "status": "affected",
                  "version": "through 2016-11-14"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "Milesight IP security cameras through 2016-11-14 allow remote attackers to bypass authentication and access a protected resource by simultaneously making a request for the unprotected vb.htm resource."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "incorrect access control",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2019-10-25T12:46:27.000Z",
            "orgId": "37e5125f-f79b-445b-8fad-9564f167944b",
            "shortName": "certcc"
          },
          "references": [
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://possiblesecurity.com/news/vulnerabilities-of-milesight-ip-security-cameras/"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "http://kirils.org/slides/2016-10-06_Milesight_initial.pdf"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://www.youtube.com/watch?v=scckkI7CAW0"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cert@cert.org",
              "ID": "CVE-2016-2359",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "IP security cameras",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "through 2016-11-14"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "Milesight"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Milesight IP security cameras through 2016-11-14 allow remote attackers to bypass authentication and access a protected resource by simultaneously making a request for the unprotected vb.htm resource."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "incorrect access control"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "https://possiblesecurity.com/news/vulnerabilities-of-milesight-ip-security-cameras/",
                  "refsource": "MISC",
                  "url": "https://possiblesecurity.com/news/vulnerabilities-of-milesight-ip-security-cameras/"
                },
                {
                  "name": "http://kirils.org/slides/2016-10-06_Milesight_initial.pdf",
                  "refsource": "MISC",
                  "url": "http://kirils.org/slides/2016-10-06_Milesight_initial.pdf"
                },
                {
                  "name": "https://www.youtube.com/watch?v=scckkI7CAW0",
                  "refsource": "MISC",
                  "url": "https://www.youtube.com/watch?v=scckkI7CAW0"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "37e5125f-f79b-445b-8fad-9564f167944b",
        "assignerShortName": "certcc",
        "cveId": "CVE-2016-2359",
        "datePublished": "2019-10-25T12:46:27.000Z",
        "dateReserved": "2016-02-12T00:00:00.000Z",
        "dateUpdated": "2024-08-05T23:24:49.143Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2016-2358 (GCVE-0-2016-2358)

    Vulnerability from nvd – Published: 2019-10-25 12:46 – Updated: 2024-08-05 23:24
    VLAI
    Summary
    Milesight IP security cameras through 2016-11-14 have a default set of 10 privileged accounts with hardcoded credentials. They are accessible if the customer has not configured 10 actual user accounts.
    Severity
    No CVSS data available.
    CWE
    • default accounts
    Assigner
    Impacted products
    Vendor Product Version
    Milesight IP security cameras Affected: through 2016-11-14
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-05T23:24:49.116Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://possiblesecurity.com/news/vulnerabilities-of-milesight-ip-security-cameras/"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "http://kirils.org/slides/2016-10-06_Milesight_initial.pdf"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://www.youtube.com/watch?v=scckkI7CAW0"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "IP security cameras",
              "vendor": "Milesight",
              "versions": [
                {
                  "status": "affected",
                  "version": "through 2016-11-14"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "Milesight IP security cameras through 2016-11-14 have a default set of 10 privileged accounts with hardcoded credentials. They are accessible if the customer has not configured 10 actual user accounts."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "default accounts",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2019-10-25T12:46:09.000Z",
            "orgId": "37e5125f-f79b-445b-8fad-9564f167944b",
            "shortName": "certcc"
          },
          "references": [
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://possiblesecurity.com/news/vulnerabilities-of-milesight-ip-security-cameras/"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "http://kirils.org/slides/2016-10-06_Milesight_initial.pdf"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://www.youtube.com/watch?v=scckkI7CAW0"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cert@cert.org",
              "ID": "CVE-2016-2358",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "IP security cameras",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "through 2016-11-14"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "Milesight"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Milesight IP security cameras through 2016-11-14 have a default set of 10 privileged accounts with hardcoded credentials. They are accessible if the customer has not configured 10 actual user accounts."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "default accounts"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "https://possiblesecurity.com/news/vulnerabilities-of-milesight-ip-security-cameras/",
                  "refsource": "MISC",
                  "url": "https://possiblesecurity.com/news/vulnerabilities-of-milesight-ip-security-cameras/"
                },
                {
                  "name": "http://kirils.org/slides/2016-10-06_Milesight_initial.pdf",
                  "refsource": "MISC",
                  "url": "http://kirils.org/slides/2016-10-06_Milesight_initial.pdf"
                },
                {
                  "name": "https://www.youtube.com/watch?v=scckkI7CAW0",
                  "refsource": "MISC",
                  "url": "https://www.youtube.com/watch?v=scckkI7CAW0"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "37e5125f-f79b-445b-8fad-9564f167944b",
        "assignerShortName": "certcc",
        "cveId": "CVE-2016-2358",
        "datePublished": "2019-10-25T12:46:09.000Z",
        "dateReserved": "2016-02-12T00:00:00.000Z",
        "dateUpdated": "2024-08-05T23:24:49.116Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2016-2360 (GCVE-0-2016-2360)

    Vulnerability from nvd – Published: 2019-10-25 12:45 – Updated: 2024-08-05 23:24
    VLAI
    Summary
    Milesight IP security cameras through 2016-11-14 have a default root password in /etc/shadow that is the same across different customers' installations.
    Severity
    No CVSS data available.
    CWE
    • default password
    Assigner
    Impacted products
    Vendor Product Version
    Milesight IP security cameras Affected: through 2016-11-14
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-05T23:24:49.138Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://possiblesecurity.com/news/vulnerabilities-of-milesight-ip-security-cameras/"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "http://kirils.org/slides/2016-10-06_Milesight_initial.pdf"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://www.youtube.com/watch?v=scckkI7CAW0"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "IP security cameras",
              "vendor": "Milesight",
              "versions": [
                {
                  "status": "affected",
                  "version": "through 2016-11-14"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "Milesight IP security cameras through 2016-11-14 have a default root password in /etc/shadow that is the same across different customers\u0027 installations."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "default password",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2019-10-25T12:45:38.000Z",
            "orgId": "37e5125f-f79b-445b-8fad-9564f167944b",
            "shortName": "certcc"
          },
          "references": [
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://possiblesecurity.com/news/vulnerabilities-of-milesight-ip-security-cameras/"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "http://kirils.org/slides/2016-10-06_Milesight_initial.pdf"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://www.youtube.com/watch?v=scckkI7CAW0"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cert@cert.org",
              "ID": "CVE-2016-2360",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "IP security cameras",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "through 2016-11-14"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "Milesight"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Milesight IP security cameras through 2016-11-14 have a default root password in /etc/shadow that is the same across different customers\u0027 installations."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "default password"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "https://possiblesecurity.com/news/vulnerabilities-of-milesight-ip-security-cameras/",
                  "refsource": "MISC",
                  "url": "https://possiblesecurity.com/news/vulnerabilities-of-milesight-ip-security-cameras/"
                },
                {
                  "name": "http://kirils.org/slides/2016-10-06_Milesight_initial.pdf",
                  "refsource": "MISC",
                  "url": "http://kirils.org/slides/2016-10-06_Milesight_initial.pdf"
                },
                {
                  "name": "https://www.youtube.com/watch?v=scckkI7CAW0",
                  "refsource": "MISC",
                  "url": "https://www.youtube.com/watch?v=scckkI7CAW0"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "37e5125f-f79b-445b-8fad-9564f167944b",
        "assignerShortName": "certcc",
        "cveId": "CVE-2016-2360",
        "datePublished": "2019-10-25T12:45:38.000Z",
        "dateReserved": "2016-02-12T00:00:00.000Z",
        "dateUpdated": "2024-08-05T23:24:49.138Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }