There is an authentication vulnerability in the Windows debugging subsystem (smss). This allows any user to obtain a handle with any access of any process running. With this handle an agent is injected in a SYSTEM process.
The update fixes an issue with HANDLEType in win32native lib.
The /cgi-bin/firmwareupgrade file in TP-Link IP cameras allows remote unauthenticated attackers to perform firmware upgrades.
This module tries to verify if the vulnerability is present in the target device without actually upgrading its firmware.
The Zavio F3105 IP camera is vulnerable to OS command injection when the /opt/cgi/view/param binary parses the General.Time.NTP.Server configuration parameter.
This vulnerability allows authenticated users to execute arbitrary code on the affected cameras.
This module exploits an OS command injection vulnerability in the /cgi-bin/admin/servetest file of several TP-Link surveillance cameras. This vulnerability allows remote authenticated users to execute arbitrary commands on affected cameras.