Samsung » Smart Viewer : Security Vulnerabilities, CVEs,
The STWConfig ActiveX control in Samsung SmartViewer does not properly initialize a variable, which allows remote attackers to execute arbitrary code via unspecified vectors.
Max CVSS
6.8
EPSS Score
46.84%
Published
2014-12-08
Updated
2014-12-23
Samsung Web Viewer for Samsung DVR devices allows remote attackers to bypass authentication via an arbitrary SessionID value in a cookie.
Max CVSS
7.6
EPSS Score
0.14%
Published
2013-08-28
Updated
2013-08-29
Samsung Web Viewer for Samsung DVR devices stores credentials in cleartext, which allows context-dependent attackers to obtain sensitive information via vectors involving (1) direct access to a file or (2) the user-setup web page.
Max CVSS
5.0
EPSS Score
0.50%
Published
2013-08-28
Updated
2013-10-07
3 vulnerabilities found