CVE-2019-25236

Published: Dic 24, 2025 Last Modified: Dic 29, 2025
ExploitDB:
Other exploit source:
Google Dorks:
HIGH 8,7
Source: [email protected]
Attack Vector: network
Attack Complexity: low
Privileges Required: none
User Interaction: none
Confidentiality: N/A
Integrity: N/A
Availability: N/A
CRITICAL 9,8
Source: [email protected]
Attack Vector: network
Attack Complexity: low
Privileges Required: none
User Interaction: none
Scope: unchanged
Confidentiality: high
Integrity: high
Availability: high

Description

AI Translation Available

iSeeQ Hybrid DVR WH-H4 1.03R contains an unauthenticated vulnerability in the get_jpeg script that allows unauthorized access to live video streams. Attackers can retrieve video snapshots from specific camera channels by sending requests to the /cgi-bin/get_jpeg endpoint without authentication.

EPSS (Exploit Prediction Scoring System)

Trend Analysis

EPSS (Exploit Prediction Scoring System)

Prevede la probabilità di sfruttamento basata su intelligence sulle minacce e sulle caratteristiche della vulnerabilità.

EPSS Score
0,0011
Percentile
0,3th
Updated

EPSS Score Trend (Last 80 Days)

306

Missing Authentication for Critical Function

Draft
Abstraction: Base Structure: Simple
Common Consequences
Security Scopes Affected:
Access Control Other
Potential Impacts:
Gain Privileges Or Assume Identity Varies By Context
Applicable Platforms
Technologies: Cloud Computing, ICS/OT
Likelihood of Exploit: High
View CWE Details
https://www.zeroscience.mk/en/vulnerabilities/ZSL-2019-5539…
https://www.zeroscience.mk/en/vulnerabilities/ZSL-2019-5539.php
https://www.exploit-db.com/exploits/47562
https://www.exploit-db.com/exploits/47562
https://www.zeroscience.mk/en/vulnerabilities/ZSL-2019-5539…
https://www.zeroscience.mk/en/vulnerabilities/ZSL-2019-5539.php
http://www.iseeq.co.kr
http://www.iseeq.co.kr