Ip camera firmware

This hub aggregates every CVE we track for Ip camera firmware, a product in the ics ot iot space. Use it to gauge the current risk picture and drill into individual advisories.

ICS / OT / IoT

CVEs tracked

Critical

High

In CISA KEV

Severity distribution

HIGH6CRITICAL3MEDIUM1

Monthly trend

2024-072026-06

Latest CVEs

See all →

The 10 most recently published vulnerabilities affecting Ip camera firmware.

CVE-2025-63667Incorrect access control in SIMICAM v1.16.41-20250725, KEVIEW v1.14.92-20241120, ASECAM v1.14.10-20240725 allows attackers to access sensitive API endpoints without authentication.7.5Nov 12, 2025
CVE-2022-34138Insecure direct object references (IDOR) in the web server of Biltema IP and Baby Camera Software v124 allows attackers to access sensitive information.7.5Feb 3, 2023
CVE-2018-11653Information disclosure in Netwave IP camera at //etc/RT2870STA.dat (via HTTP on port 8000) allows an unauthenticated attacker to exfiltrate sensitive information about the network configuration lik...9.8Aug 24, 2018
CVE-2018-11654Information disclosure in Netwave IP camera at get_status.cgi (via HTTP on port 8000) allows an unauthenticated attacker to exfiltrate sensitive information from the device.7.5Aug 24, 2018
CVE-2017-3223Dahua IP camera products using firmware versions prior to V2.400.0000.14.R.20170713 include a version of the Sonia web interface that may be vulnerable to a stack buffer overflow9.8Jul 24, 2018
CVE-2018-6479An issue was discovered on Netwave IP Camera devices. An unauthenticated attacker can crash a device by sending a POST request with a huge body size to the / URI.7.5Jan 31, 2018
CVE-2017-7253Dahua IP Camera devices 3.200.0001.6 can be exploited via these steps: 1. Use the default low-privilege credentials to list all users via a request to a certain URI. 2. Login to the IP camera with ...8.8Mar 30, 2017
CVE-2014-1849Foscam IP camera 11.37.2.49 and other versions, when using the Foscam DynDNS option, generates credentials based on predictable camera subdomain names, which allows remote attackers to spoof or hij...10.0May 14, 2014
CVE-2013-1605Buffer overflow in MayGion IP Cameras with firmware before 2013.04.22 (05.53) allows remote attackers to execute arbitrary code via a long filename in a GET request.7.5Mar 25, 2014
CVE-2013-1604Directory traversal vulnerability in MayGion IP Cameras with firmware before 2013.04.22 (05.53) allows remote attackers to read arbitrary files via a .. (dot dot) in the default URI.5.0Mar 25, 2014

Product normalization is registry-driven with AI assist and human review. How it works