Javier Repiso Sánchez

6 exploits Active since Oct 2013
CVE-2013-3540 EXPLOITDB WORKING POC
Ovislink Airlive Od-2025hd - CSRF
Cross-site request forgery (CSRF) vulnerability in cgi-bin/admin/usrgrp.cgi in AirLive POE2600HD, POE250HD, POE200HD, OD-325HD, OD-2025HD, OD-2060HD, POE100HD, and possibly other camera models allows remote attackers to hijack the authentication of administrators for requests that add users.
CVE-2013-3541 EXPLOITDB WORKING POC
Ovislink Airlive Wl2600cam - Path Traversal
Directory traversal vulnerability in cgi-bin/admin/fileread in AirLive WL2600CAM and possibly other camera models allows remote attackers to read arbitrary files via a .. (dot dot) in the READ.filePath parameter.
CVE-2013-3686 EXPLOITDB WRITEUP
Ovislink Airlive Wl2600cam - Access Control
cgi-bin/operator/param in AirLive WL2600CAM and possibly other camera models allows remote attackers to obtain the administrator password via a list action.
CVE-2013-3687 EXPLOITDB WRITEUP
Ovislink Airlive Od-2025hd - Cryptographic Issue
AirLive POE2600HD, POE250HD, POE200HD, OD-325HD, OD-2025HD, OD-2060HD, POE100HD, and possibly other camera models use cleartext to store sensitive information, which allows attackers to obtain passwords, user names, and other sensitive information by reading an unspecified backup file.
CVE-2013-3543 EXPLOITDB text WORKING POC
Axis Media Control Activex Control - Access Control
The AXIS Media Control (AMC) ActiveX control (AxisMediaControlEmb.dll) 6.2.10.11 for AXIS network cameras allows remote attackers to create or overwrite arbitrary files via a file path to the (1) StartRecord, (2) SaveCurrentImage, or (3) StartRecordMedia methods.
CVE-2013-3691 EXPLOITDB HIGH text WORKING POC
Ovislink Airlive Poe2600hd Firmware - Denial of Service
AirLive POE-2600HD allows remote attackers to cause a denial of service (device reset) via a long URL.
CVSS 7.5