GCVE - cpe:2.3:o:zavio:f312a_firmware:*:*:*:*:*:*:*:*

Approved changes feed: RSS · Atom

cpe:2.3:o:zavio:f312a_firmware:*:*:*:*:*:*:*:*

part: o version: * update: *

Vendor	Zavio (`ae5688d0-7b0e-5133-9ab8-716e2e1ba17e`)
Product	F312A Firmware (`e61d0ca7-ed1b-570f-878f-06ee41f68d31`)
Edition	*
Language	*
Software edition	*
Target software	*
Target hardware	*
Other	*
Notes	Imported from gcve-enriched-dumps CVE data

PURL mappings

PURL	Source	Last updated
No PURL mappings for this CPE yet.

Vulnerability references

Identifier	cpeApplicability	Submitted	db.gcve.eu details	Rationale
`CVE:CVE-2013-2570`	vulnerable	2026-06-03 14:33:02.870797	Details available A Command Injection vulnerability exists in Zavio IP Cameras through 1.6.3 in the General.Time.NTP.Server parameter to the sub_C8C8 function of the binary /opt/cgi/view/param, which could let a remove malicious user execute arbitrary code. Published: 2020-01-29T17:31:40.000Z Updated: 2024-08-06T15:44:32.302Z Open on db.gcve.eu Reference links http://www.securityfocus.com/bid/60188 https://exchange.xforce.ibmcloud.com/vulnerabilities/84567 https://www.coresecurity.com/advisories/zavio-ip-cameras-multiple-vulnerabilities https://packetstormsecurity.com/files/cve/CVE-2013-2570	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2013-2569`	vulnerable	2026-06-03 14:33:02.870383	Details available A Security Bypass vulnerability exists in Zavio IP Cameras through 1.6.3 because the RTSP protocol authentication is disabled by default, which could let a malicious user obtain unauthorized access to the live video stream. Published: 2020-01-29T17:20:55.000Z Updated: 2024-08-06T15:44:32.305Z Open on db.gcve.eu Reference links http://www.securityfocus.com/bid/60191 https://exchange.xforce.ibmcloud.com/vulnerabilities/84570 https://www.coresecurity.com/advisories/zavio-ip-cameras-multiple-vulnerabilities https://packetstormsecurity.com/files/cve/CVE-2013-2569	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2013-2568`	vulnerable	2026-06-03 14:33:02.869939	Details available A Command Injection vulnerability exists in Zavio IP Cameras through 1.6.3 via the ap parameter to /cgi-bin/mft/wireless_mft.cgi, which could let a remote malicious user execute arbitrary code. Published: 2020-01-29T17:07:27.000Z Updated: 2024-08-06T15:44:32.650Z Open on db.gcve.eu Reference links http://www.securityfocus.com/bid/60190 https://exchange.xforce.ibmcloud.com/vulnerabilities/84569 https://www.coresecurity.com/advisories/zavio-ip-cameras-multiple-vulnerabilities https://packetstormsecurity.com/files/cve/CVE-2013-2568/page1/ https://vulmon.com/vulnerabilitydetails?qid=CVE-2013-2568	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2013-2567`	vulnerable	2026-06-03 14:33:02.868844	Details available An Authentication Bypass vulnerability exists in the web interface in Zavio IP Cameras through 1.6.03 due to a hardcoded admin account found in boa.conf, which lets a remote malicious user obtain sensitive information. Published: 2020-01-29T16:47:20.000Z Updated: 2024-08-06T15:44:32.640Z Open on db.gcve.eu Reference links http://www.securityfocus.com/bid/60189 http://www.exploit-db.com/exploits/25815 https://exchange.xforce.ibmcloud.com/vulnerabilities/84568 https://packetstormsecurity.com/files/cve/CVE-2013-2567 http://www.coresecurity.com/advisories/zavio-IP-cameras-multiple-vulnerabilities	Imported from gcve-enriched-dumps CVE data

Contribute

You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.