Search criteria
2 vulnerabilities found for p2r6822e4 by meritlilin
VAR-202104-1273
Vulnerability from variot - Updated: 2025-01-30 20:34The NTP Server configuration function of the IP camera device is not verified with special parameters. Remote attackers can perform a command Injection attack and execute arbitrary commands after logging in with the privileged permission
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-202104-1273",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "z3r8922x3",
"scope": "lt",
"trust": 1.0,
"vendor": "meritlilin",
"version": "7.1.94.8908"
},
{
"model": "z2r6452ax-p",
"scope": "lt",
"trust": 1.0,
"vendor": "meritlilin",
"version": "7.1.94.8908"
},
{
"model": "p2r6552e2",
"scope": "lt",
"trust": 1.0,
"vendor": "meritlilin",
"version": "7.1.94.8908"
},
{
"model": "p2r8822e2",
"scope": "lt",
"trust": 1.0,
"vendor": "meritlilin",
"version": "7.1.94.8908"
},
{
"model": "p2r8852e4",
"scope": "lt",
"trust": 1.0,
"vendor": "meritlilin",
"version": "7.1.94.8908"
},
{
"model": "p2r8822e4",
"scope": "lt",
"trust": 1.0,
"vendor": "meritlilin",
"version": "7.1.94.8908"
},
{
"model": "z2r8052ex25",
"scope": "lt",
"trust": 1.0,
"vendor": "meritlilin",
"version": "7.1.94.8908"
},
{
"model": "p2r6852e2",
"scope": "lt",
"trust": 1.0,
"vendor": "meritlilin",
"version": "7.1.94.8908"
},
{
"model": "p2r6822e2",
"scope": "lt",
"trust": 1.0,
"vendor": "meritlilin",
"version": "7.1.94.8908"
},
{
"model": "p3r6522e2",
"scope": "lt",
"trust": 1.0,
"vendor": "meritlilin",
"version": "7.1.94.8908"
},
{
"model": "p2r6552e4",
"scope": "lt",
"trust": 1.0,
"vendor": "meritlilin",
"version": "7.1.94.8908"
},
{
"model": "p2r6822e4",
"scope": "lt",
"trust": 1.0,
"vendor": "meritlilin",
"version": "7.1.94.8908"
},
{
"model": "z2r8852ax",
"scope": "lt",
"trust": 1.0,
"vendor": "meritlilin",
"version": "7.1.94.8908"
},
{
"model": "z2r6422ax",
"scope": "lt",
"trust": 1.0,
"vendor": "meritlilin",
"version": "7.1.94.8908"
},
{
"model": "p2r6852e4",
"scope": "lt",
"trust": 1.0,
"vendor": "meritlilin",
"version": "7.1.94.8908"
},
{
"model": "p2g1022",
"scope": "lt",
"trust": 1.0,
"vendor": "meritlilin",
"version": "7.1.94.8908"
},
{
"model": "z2r6522x",
"scope": "lt",
"trust": 1.0,
"vendor": "meritlilin",
"version": "7.1.94.8908"
},
{
"model": "p2r6522e4",
"scope": "lt",
"trust": 1.0,
"vendor": "meritlilin",
"version": "7.1.94.8908"
},
{
"model": "p2r6522e2",
"scope": "lt",
"trust": 1.0,
"vendor": "meritlilin",
"version": "7.1.94.8908"
},
{
"model": "p2r6352ae4",
"scope": "lt",
"trust": 1.0,
"vendor": "meritlilin",
"version": "7.1.94.8908"
},
{
"model": "z2r8122x2-p",
"scope": "lt",
"trust": 1.0,
"vendor": "meritlilin",
"version": "7.1.94.8908"
},
{
"model": "p2g1052",
"scope": "lt",
"trust": 1.0,
"vendor": "meritlilin",
"version": "7.1.94.8908"
},
{
"model": "p2r6352ae2",
"scope": "lt",
"trust": 1.0,
"vendor": "meritlilin",
"version": "7.1.94.8908"
},
{
"model": "z2r8152x-p",
"scope": "lt",
"trust": 1.0,
"vendor": "meritlilin",
"version": "7.1.94.8908"
},
{
"model": "p2r6322ae2",
"scope": "lt",
"trust": 1.0,
"vendor": "meritlilin",
"version": "7.1.94.8908"
},
{
"model": "z2r8122x-p",
"scope": "lt",
"trust": 1.0,
"vendor": "meritlilin",
"version": "7.1.94.8908"
},
{
"model": "z3r6522x",
"scope": "lt",
"trust": 1.0,
"vendor": "meritlilin",
"version": "7.1.94.8908"
},
{
"model": "p2r3052ae2",
"scope": "lt",
"trust": 1.0,
"vendor": "meritlilin",
"version": "7.1.94.8908"
},
{
"model": "z2r6422ax-p",
"scope": "lt",
"trust": 1.0,
"vendor": "meritlilin",
"version": "7.1.94.8908"
},
{
"model": "z2r6452ax",
"scope": "lt",
"trust": 1.0,
"vendor": "meritlilin",
"version": "7.1.94.8908"
},
{
"model": "p2g1022x",
"scope": "lt",
"trust": 1.0,
"vendor": "meritlilin",
"version": "7.1.94.8908"
},
{
"model": "z2r6552x",
"scope": "lt",
"trust": 1.0,
"vendor": "meritlilin",
"version": "7.1.94.8908"
},
{
"model": "p3r6322e2",
"scope": "lt",
"trust": 1.0,
"vendor": "meritlilin",
"version": "7.1.94.8908"
},
{
"model": "p3r8822e2",
"scope": "lt",
"trust": 1.0,
"vendor": "meritlilin",
"version": "7.1.94.8908"
},
{
"model": "p2r6322ae4",
"scope": "lt",
"trust": 1.0,
"vendor": "meritlilin",
"version": "7.1.94.8908"
},
{
"model": "z3r6422x3",
"scope": "lt",
"trust": 1.0,
"vendor": "meritlilin",
"version": "7.1.94.8908"
},
{
"model": "z2r8152x2-p",
"scope": "lt",
"trust": 1.0,
"vendor": "meritlilin",
"version": "7.1.94.8908"
},
{
"model": "z2r8822ax",
"scope": "lt",
"trust": 1.0,
"vendor": "meritlilin",
"version": "7.1.94.8908"
},
{
"model": "z2r8022ex25",
"scope": "lt",
"trust": 1.0,
"vendor": "meritlilin",
"version": "7.1.94.8908"
},
{
"model": "p2r8852e2",
"scope": "lt",
"trust": 1.0,
"vendor": "meritlilin",
"version": "7.1.94.8908"
},
{
"model": "p2r3022ae2",
"scope": "lt",
"trust": 1.0,
"vendor": "meritlilin",
"version": "7.1.94.8908"
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2021-30166"
}
]
},
"cve": "CVE-2021-30166",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"author": "nvd@nist.gov",
"availabilityImpact": "COMPLETE",
"baseScore": 9.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 8.0,
"id": "CVE-2021-30166",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 1.1,
"vectorString": "AV:N/AC:L/Au:S/C:C/I:C/A:C",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "twcert@cert.org.tw",
"availabilityImpact": "HIGH",
"baseScore": 7.2,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 1.2,
"id": "CVE-2021-30166",
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2021-30166",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "twcert@cert.org.tw",
"id": "CVE-2021-30166",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "CNNVD",
"id": "CNNVD-202104-2068",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "VULMON",
"id": "CVE-2021-30166",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2021-30166"
},
{
"db": "CNNVD",
"id": "CNNVD-202104-2068"
},
{
"db": "NVD",
"id": "CVE-2021-30166"
},
{
"db": "NVD",
"id": "CVE-2021-30166"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "The NTP Server configuration function of the IP camera device is not verified with special parameters. Remote attackers can perform a command Injection attack and execute arbitrary commands after logging in with the privileged permission",
"sources": [
{
"db": "NVD",
"id": "CVE-2021-30166"
},
{
"db": "VULMON",
"id": "CVE-2021-30166"
}
],
"trust": 0.99
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2021-30166",
"trust": 1.8
},
{
"db": "CNNVD",
"id": "CNNVD-202104-2068",
"trust": 0.6
},
{
"db": "OTHER",
"id": "NONE",
"trust": 0.1
},
{
"db": "VULMON",
"id": "CVE-2021-30166",
"trust": 0.1
}
],
"sources": [
{
"db": "OTHER",
"id": null
},
{
"db": "VULMON",
"id": "CVE-2021-30166"
},
{
"db": "CNNVD",
"id": "CNNVD-202104-2068"
},
{
"db": "NVD",
"id": "CVE-2021-30166"
}
]
},
"id": "VAR-202104-1273",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "OTHER",
"id": null
}
],
"trust": 0.01
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"camera device"
],
"sub_category": "IP camera",
"trust": 0.1
}
],
"sources": [
{
"db": "OTHER",
"id": null
}
]
},
"last_update_date": "2025-01-30T20:34:10.938000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Vivotek VIVOTEK IP Camera Fixes for operating system command injection vulnerabilities",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=148775"
}
],
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202104-2068"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-78",
"trust": 1.0
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2021-30166"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 1.7,
"url": "https://www.meritlilin.com/assets/uploads/support/file/m00166-tw.pdf"
},
{
"trust": 1.7,
"url": "https://www.twcert.org.tw/tw/cp-132-4676-391a5-1.html"
},
{
"trust": 1.7,
"url": "https://www.chtsecurity.com/news/0b733a38-e616-4ff3-86a6-13e710643388"
},
{
"trust": 1.7,
"url": "https://gist.github.com/keniver/86ebef688fb274b534da51ef1a84dd3e"
},
{
"trust": 0.6,
"url": "https://nvd.nist.gov/vuln/detail/cve-2021-30166"
},
{
"trust": 0.1,
"url": "https://ieeexplore.ieee.org/abstract/document/10769424"
},
{
"trust": 0.1,
"url": "https://cwe.mitre.org/data/definitions/78.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov"
}
],
"sources": [
{
"db": "OTHER",
"id": null
},
{
"db": "VULMON",
"id": "CVE-2021-30166"
},
{
"db": "CNNVD",
"id": "CNNVD-202104-2068"
},
{
"db": "NVD",
"id": "CVE-2021-30166"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "OTHER",
"id": null
},
{
"db": "VULMON",
"id": "CVE-2021-30166"
},
{
"db": "CNNVD",
"id": "CNNVD-202104-2068"
},
{
"db": "NVD",
"id": "CVE-2021-30166"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2021-04-28T00:00:00",
"db": "VULMON",
"id": "CVE-2021-30166"
},
{
"date": "2021-04-28T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202104-2068"
},
{
"date": "2021-04-28T10:15:08.647000",
"db": "NVD",
"id": "CVE-2021-30166"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2021-05-05T00:00:00",
"db": "VULMON",
"id": "CVE-2021-30166"
},
{
"date": "2021-05-06T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202104-2068"
},
{
"date": "2024-11-21T06:03:26.307000",
"db": "NVD",
"id": "CVE-2021-30166"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202104-2068"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Vivotek VIVOTEK IP Camera Operating system command injection vulnerability",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202104-2068"
}
],
"trust": 0.6
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "operating system commend injection",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202104-2068"
}
],
"trust": 0.6
}
}
VAR-202104-1274
Vulnerability from variot - Updated: 2025-01-30 20:11The manage users profile services of the network camera device allows an authenticated. Remote attackers can modify URL parameters and further amend user’s information and escalate privileges to control the devices
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-202104-1274",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "z3r8922x3",
"scope": "lt",
"trust": 1.0,
"vendor": "meritlilin",
"version": "7.1.94.8908"
},
{
"model": "z2r6452ax-p",
"scope": "lt",
"trust": 1.0,
"vendor": "meritlilin",
"version": "7.1.94.8908"
},
{
"model": "p2r6552e2",
"scope": "lt",
"trust": 1.0,
"vendor": "meritlilin",
"version": "7.1.94.8908"
},
{
"model": "p2r8822e2",
"scope": "lt",
"trust": 1.0,
"vendor": "meritlilin",
"version": "7.1.94.8908"
},
{
"model": "p2r8852e4",
"scope": "lt",
"trust": 1.0,
"vendor": "meritlilin",
"version": "7.1.94.8908"
},
{
"model": "p2r8822e4",
"scope": "lt",
"trust": 1.0,
"vendor": "meritlilin",
"version": "7.1.94.8908"
},
{
"model": "z2r8052ex25",
"scope": "lt",
"trust": 1.0,
"vendor": "meritlilin",
"version": "7.1.94.8908"
},
{
"model": "p2r6852e2",
"scope": "lt",
"trust": 1.0,
"vendor": "meritlilin",
"version": "7.1.94.8908"
},
{
"model": "p2r6822e2",
"scope": "lt",
"trust": 1.0,
"vendor": "meritlilin",
"version": "7.1.94.8908"
},
{
"model": "p3r6522e2",
"scope": "lt",
"trust": 1.0,
"vendor": "meritlilin",
"version": "7.1.94.8908"
},
{
"model": "p2r6552e4",
"scope": "lt",
"trust": 1.0,
"vendor": "meritlilin",
"version": "7.1.94.8908"
},
{
"model": "p2r6822e4",
"scope": "lt",
"trust": 1.0,
"vendor": "meritlilin",
"version": "7.1.94.8908"
},
{
"model": "z2r8852ax",
"scope": "lt",
"trust": 1.0,
"vendor": "meritlilin",
"version": "7.1.94.8908"
},
{
"model": "z2r6422ax",
"scope": "lt",
"trust": 1.0,
"vendor": "meritlilin",
"version": "7.1.94.8908"
},
{
"model": "p2r6852e4",
"scope": "lt",
"trust": 1.0,
"vendor": "meritlilin",
"version": "7.1.94.8908"
},
{
"model": "p2g1022",
"scope": "lt",
"trust": 1.0,
"vendor": "meritlilin",
"version": "7.1.94.8908"
},
{
"model": "z2r6522x",
"scope": "lt",
"trust": 1.0,
"vendor": "meritlilin",
"version": "7.1.94.8908"
},
{
"model": "p2r6522e4",
"scope": "lt",
"trust": 1.0,
"vendor": "meritlilin",
"version": "7.1.94.8908"
},
{
"model": "p2r6522e2",
"scope": "lt",
"trust": 1.0,
"vendor": "meritlilin",
"version": "7.1.94.8908"
},
{
"model": "p2r6352ae4",
"scope": "lt",
"trust": 1.0,
"vendor": "meritlilin",
"version": "7.1.94.8908"
},
{
"model": "z2r8122x2-p",
"scope": "lt",
"trust": 1.0,
"vendor": "meritlilin",
"version": "7.1.94.8908"
},
{
"model": "p2g1052",
"scope": "lt",
"trust": 1.0,
"vendor": "meritlilin",
"version": "7.1.94.8908"
},
{
"model": "p2r6352ae2",
"scope": "lt",
"trust": 1.0,
"vendor": "meritlilin",
"version": "7.1.94.8908"
},
{
"model": "z2r8152x-p",
"scope": "lt",
"trust": 1.0,
"vendor": "meritlilin",
"version": "7.1.94.8908"
},
{
"model": "p2r6322ae2",
"scope": "lt",
"trust": 1.0,
"vendor": "meritlilin",
"version": "7.1.94.8908"
},
{
"model": "z2r8122x-p",
"scope": "lt",
"trust": 1.0,
"vendor": "meritlilin",
"version": "7.1.94.8908"
},
{
"model": "z3r6522x",
"scope": "lt",
"trust": 1.0,
"vendor": "meritlilin",
"version": "7.1.94.8908"
},
{
"model": "p2r3052ae2",
"scope": "lt",
"trust": 1.0,
"vendor": "meritlilin",
"version": "7.1.94.8908"
},
{
"model": "z2r6422ax-p",
"scope": "lt",
"trust": 1.0,
"vendor": "meritlilin",
"version": "7.1.94.8908"
},
{
"model": "z2r6452ax",
"scope": "lt",
"trust": 1.0,
"vendor": "meritlilin",
"version": "7.1.94.8908"
},
{
"model": "p2g1022x",
"scope": "lt",
"trust": 1.0,
"vendor": "meritlilin",
"version": "7.1.94.8908"
},
{
"model": "z2r6552x",
"scope": "lt",
"trust": 1.0,
"vendor": "meritlilin",
"version": "7.1.94.8908"
},
{
"model": "p3r6322e2",
"scope": "lt",
"trust": 1.0,
"vendor": "meritlilin",
"version": "7.1.94.8908"
},
{
"model": "p3r8822e2",
"scope": "lt",
"trust": 1.0,
"vendor": "meritlilin",
"version": "7.1.94.8908"
},
{
"model": "p2r6322ae4",
"scope": "lt",
"trust": 1.0,
"vendor": "meritlilin",
"version": "7.1.94.8908"
},
{
"model": "z3r6422x3",
"scope": "lt",
"trust": 1.0,
"vendor": "meritlilin",
"version": "7.1.94.8908"
},
{
"model": "z2r8152x2-p",
"scope": "lt",
"trust": 1.0,
"vendor": "meritlilin",
"version": "7.1.94.8908"
},
{
"model": "z2r8822ax",
"scope": "lt",
"trust": 1.0,
"vendor": "meritlilin",
"version": "7.1.94.8908"
},
{
"model": "z2r8022ex25",
"scope": "lt",
"trust": 1.0,
"vendor": "meritlilin",
"version": "7.1.94.8908"
},
{
"model": "p2r8852e2",
"scope": "lt",
"trust": 1.0,
"vendor": "meritlilin",
"version": "7.1.94.8908"
},
{
"model": "p2r3022ae2",
"scope": "lt",
"trust": 1.0,
"vendor": "meritlilin",
"version": "7.1.94.8908"
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2021-30167"
}
]
},
"cve": "CVE-2021-30167",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"author": "nvd@nist.gov",
"availabilityImpact": "COMPLETE",
"baseScore": 9.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 8.0,
"id": "CVE-2021-30167",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 1.1,
"vectorString": "AV:N/AC:L/Au:S/C:C/I:C/A:C",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "twcert@cert.org.tw",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 3.9,
"id": "CVE-2021-30167",
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2021-30167",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "twcert@cert.org.tw",
"id": "CVE-2021-30167",
"trust": 1.0,
"value": "CRITICAL"
},
{
"author": "CNNVD",
"id": "CNNVD-202104-2067",
"trust": 0.6,
"value": "CRITICAL"
},
{
"author": "VULMON",
"id": "CVE-2021-30167",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2021-30167"
},
{
"db": "CNNVD",
"id": "CNNVD-202104-2067"
},
{
"db": "NVD",
"id": "CVE-2021-30167"
},
{
"db": "NVD",
"id": "CVE-2021-30167"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "The manage users profile services of the network camera device allows an authenticated. Remote attackers can modify URL parameters and further amend user\u2019s information and escalate privileges to control the devices",
"sources": [
{
"db": "NVD",
"id": "CVE-2021-30167"
},
{
"db": "VULMON",
"id": "CVE-2021-30167"
}
],
"trust": 0.99
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2021-30167",
"trust": 1.8
},
{
"db": "CNNVD",
"id": "CNNVD-202104-2067",
"trust": 0.6
},
{
"db": "OTHER",
"id": "NONE",
"trust": 0.1
},
{
"db": "VULMON",
"id": "CVE-2021-30167",
"trust": 0.1
}
],
"sources": [
{
"db": "OTHER",
"id": null
},
{
"db": "VULMON",
"id": "CVE-2021-30167"
},
{
"db": "CNNVD",
"id": "CNNVD-202104-2067"
},
{
"db": "NVD",
"id": "CVE-2021-30167"
}
]
},
"id": "VAR-202104-1274",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "OTHER",
"id": null
}
],
"trust": 0.01
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"camera device"
],
"sub_category": "camera",
"trust": 0.1
}
],
"sources": [
{
"db": "OTHER",
"id": null
}
]
},
"last_update_date": "2025-01-30T20:11:57.093000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "network camera device Security vulnerabilities",
"trust": 0.6,
"url": "http://123.124.177.30/web/xxk/bdxqById.tag?id=148774"
}
],
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202104-2067"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-522",
"trust": 1.0
},
{
"problemtype": "CWE-306",
"trust": 1.0
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2021-30167"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 1.7,
"url": "https://www.meritlilin.com/assets/uploads/support/file/m00166-tw.pdf"
},
{
"trust": 1.7,
"url": "https://www.twcert.org.tw/tw/cp-132-4676-391a5-1.html"
},
{
"trust": 1.7,
"url": "https://www.chtsecurity.com/news/0b733a38-e616-4ff3-86a6-13e710643388"
},
{
"trust": 1.7,
"url": "https://gist.github.com/keniver/86ebef688fb274b534da51ef1a84dd3e"
},
{
"trust": 0.6,
"url": "https://nvd.nist.gov/vuln/detail/cve-2021-30167"
},
{
"trust": 0.1,
"url": "https://ieeexplore.ieee.org/abstract/document/10769424"
},
{
"trust": 0.1,
"url": "https://cwe.mitre.org/data/definitions/522.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov"
}
],
"sources": [
{
"db": "OTHER",
"id": null
},
{
"db": "VULMON",
"id": "CVE-2021-30167"
},
{
"db": "CNNVD",
"id": "CNNVD-202104-2067"
},
{
"db": "NVD",
"id": "CVE-2021-30167"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "OTHER",
"id": null
},
{
"db": "VULMON",
"id": "CVE-2021-30167"
},
{
"db": "CNNVD",
"id": "CNNVD-202104-2067"
},
{
"db": "NVD",
"id": "CVE-2021-30167"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2021-04-28T00:00:00",
"db": "VULMON",
"id": "CVE-2021-30167"
},
{
"date": "2021-04-28T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202104-2067"
},
{
"date": "2021-04-28T10:15:08.697000",
"db": "NVD",
"id": "CVE-2021-30167"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2021-05-07T00:00:00",
"db": "VULMON",
"id": "CVE-2021-30167"
},
{
"date": "2022-10-26T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202104-2067"
},
{
"date": "2024-11-21T06:03:26.473000",
"db": "NVD",
"id": "CVE-2021-30167"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202104-2067"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "network camera device Access control error vulnerability",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202104-2067"
}
],
"trust": 0.6
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "access control error",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202104-2067"
}
],
"trust": 0.6
}
}