The STWConfig ActiveX control in Samsung SmartViewer does not properly initialize a variable, which allows remote attackers to execute arbitrary code via unspecified vectors.
Max CVSS
6.8
EPSS Score
46.84%
Published
2014-12-08
Updated
2014-12-23
Samsung Web Viewer for Samsung DVR devices allows remote attackers to bypass authentication via an arbitrary SessionID value in a cookie.
Max CVSS
7.6
EPSS Score
0.14%
Published
2013-08-28
Updated
2013-08-29
Samsung Web Viewer for Samsung DVR devices stores credentials in cleartext, which allows context-dependent attackers to obtain sensitive information via vectors involving (1) direct access to a file or (2) the user-setup web page.
Max CVSS
5.0
EPSS Score
0.50%
Published
2013-08-28
Updated
2013-10-07
3 vulnerabilities found
This web site uses cookies for managing your session, storing preferences, website analytics and additional purposes described in our privacy policy.
By using this web site you are agreeing to CVEdetails.com terms of use!