Sricam Deviceviewer 3.12.0.1

Submit a proposal Propose CVE/GCVE/GHSA reference

Approved changes feed: RSS · Atom

cpe:2.3:a:sricam:deviceviewer:3.12.0.1:*:*:*:*:-:*:*

part: a version: 3.12.0.1 update: *

VendorSricam (5d187f5d-35e3-5227-b3c4-dad453dbb7a1)
ProductDeviceviewer (933c2984-8405-545e-883c-99ae9b8d13a1)
Edition*
Language*
Software edition*
Target software-
Target hardware*
Other*
NotesImported from NVD CPE 2.0 feed

PURL mappings

PURLSourceLast updated
No PURL mappings for this CPE yet.

Vulnerability references

IdentifiercpeApplicabilitySubmitteddb.gcve.eu detailsRationale
CVE:CVE-2019-25436 vulnerable 2026-06-03 14:40:18.487855 Sricam DeviceViewer 3.12.0.1 Password Change Security Bypass
MEDIUM (6.5)
Sricam DeviceViewer 3.12.0.1 contains a password change security bypass vulnerability that allows authenticated users to change passwords without proper validation of the old password field. Attackers can inject a large payload into the old password parameter during the change password process to bypass validation and set an arbitrary new password.
Published: 2026-02-20T22:54:49.282Z
Updated: 2026-04-07T14:04:01.184Z
Reference links
Imported from gcve-enriched-dumps CVE data
CVE:CVE-2019-25435 vulnerable 2026-06-03 14:40:18.486731 Sricam DeviceViewer 3.12.0.1 Local Buffer Overflow DEP Bypass
HIGH (7.8)
Sricam DeviceViewer 3.12.0.1 contains a local buffer overflow vulnerability in the user management add user function that allows authenticated attackers to execute arbitrary code by bypassing data execution prevention. Attackers can inject a malicious payload through the Username field in User Management to trigger a stack-based buffer overflow and execute commands via ROP chain gadgets.
Published: 2026-02-20T22:54:48.319Z
Updated: 2026-04-07T14:04:00.427Z
Reference links
Imported from gcve-enriched-dumps CVE data

Contribute

You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.