ByteOS Network

ispy

Source -

ADPNVD

CNA CVEs -

ADP CVEs -

CISA CVEs -

NVD CVEs -

3Vulnerabilities found

CVE-2024-22514

Assigner-MITRE Corporation

View Details

Assigner-MITRE Corporation

CVSS Score-8.8||HIGH

EPSS-15.58% / 94.43%

7 Day CHG~0.00%

Published-06 Feb, 2024 | 00:00

Updated-26 Aug, 2024 | 18:35

An issue discovered in iSpyConnect.com Agent DVR 5.1.6.0 allows attackers to run arbitrary files by restoring a crafted backup file.

Vendor-ispyconnect n/a ispyconnect

Product-agent_dvr n/a ispy

CWE ID-CWE-94

Improper Control of Generation of Code ('Code Injection')

CWE ID-CWE-22

Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')

CVE-2022-29774

Assigner-MITRE Corporation

View Details

Assigner-MITRE Corporation

CVSS Score-9.8||CRITICAL

EPSS-32.05% / 96.67%

7 Day CHG~0.00%

Published-21 Jun, 2022 | 14:00

Updated-03 Aug, 2024 | 06:33

iSpy v7.2.2.0 is vulnerable to remote command execution via path traversal.

Vendor-ispyconnect n/a

Product-ispy n/a

CWE ID-CWE-22

Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')

CVE-2022-29775

Assigner-MITRE Corporation

View Details

Assigner-MITRE Corporation

CVSS Score-9.8||CRITICAL

EPSS-52.75% / 97.86%

7 Day CHG~0.00%

Published-21 Jun, 2022 | 13:59

Updated-03 Aug, 2024 | 06:33

iSpyConnect iSpy v7.2.2.0 allows attackers to bypass authentication via a crafted URL.

Vendor-ispyconnect n/a

Product-ispy n/a

CWE ID-CWE-287

Improper Authentication