Ptzoptics
Don't miss out!
Thousands of developers use stack.watch to stay informed.Get an email whenever new security vulnerabilities are reported in any Ptzoptics product.
RSS Feeds for Ptzoptics security vulnerabilities
Create a CVE RSS feed including security vulnerabilities found in Ptzoptics products with stack.watch. Just hit watch, then grab your custom RSS feed url.
Products by Ptzoptics Sorted by Most Security Vulnerabilities since 2018
Known Exploited Ptzoptics Vulnerabilities
The following Ptzoptics vulnerabilities have been marked by CISA as Known to be Exploited by threat actors.
| Title | Description | Added |
|---|---|---|
| PTZOptics PT30X-SDI/NDI Cameras Authentication Bypass Vulnerability |
PTZOptics PT30X-SDI/NDI cameras contain an insecure direct object reference (IDOR) vulnerability that allows a remote, attacker to bypass authentication for the /cgi-bin/param.cgi CGI script. If combined with CVE-2024-8957, this can lead to remote code execution as root. CVE-2024-8956 Exploit Probability: 83.6% |
November 4, 2024 |
| PTZOptics PT30X-SDI/NDI Cameras OS Command Injection Vulnerability |
PTZOptics PT30X-SDI/NDI cameras contain an OS command injection vulnerability that allows a remote, authenticated attacker to escalate privileges to root via a crafted payload with the ntp_addr parameter of the /cgi-bin/param.cgi CGI script. CVE-2024-8957 Exploit Probability: 55.5% |
November 4, 2024 |
The vulnerability CVE-2024-8956: PTZOptics PT30X-SDI/NDI Cameras Authentication Bypass Vulnerability is in the top 1% of the currently known exploitable vulnerabilities. The vulnerability CVE-2024-8957: PTZOptics PT30X-SDI/NDI Cameras OS Command Injection Vulnerability is in the top 5% of the currently known exploitable vulnerabilities.
By the Year
In 2026 there have been 0 vulnerabilities in Ptzoptics. Ptzoptics did not have any published security vulnerabilities last year.
| Year | Vulnerabilities | Average Score |
|---|---|---|
| 2026 | 0 | 0.00 |
| 2025 | 0 | 0.00 |
| 2024 | 2 | 8.15 |
It may take a day or so for new Ptzoptics vulnerabilities to show up in the stats or in the list of recent security vulnerabilities. Additionally vulnerabilities may be tagged under a different product or component name.
Recent Ptzoptics Security Vulnerabilities
| CVE | Date | Vulnerability | Products |
|---|---|---|---|
| CVE-2024-8957 | Sep 17, 2024 |
PT30X-SDI/NDI-xx OS Command Injection on ntp_addr pre6.3.40PTZOptics PT30X-SDI/NDI-xx before firmware 6.3.40 is vulnerable to an OS command injection issue. The camera does not sufficiently validate the ntp_addr configuration value which may lead to arbitrary command execution when ntp_client is started. When chained with CVE-2024-8956, a remote and unauthenticated attacker can execute arbitrary OS commands on affected devices. |
Pt30x Sdi Firmware
Pt30x Ndi Firmware
Pt30x Sdi
And others... |
| CVE-2024-8956 | Sep 17, 2024 |
PTZOptics PT30X-SDI/NDIv FW<6.3.40 - Auth Bypass on /cgi-bin/param.cgiPTZOptics PT30X-SDI/NDI-xx before firmware 6.3.40 is vulnerable to an insufficient authentication issue. The camera does not properly enforce authentication to /cgi-bin/param.cgi when requests are sent without an HTTP Authorization header. The result is a remote and unauthenticated attacker can leak sensitive data such as usernames, password hashes, and configurations details. Additionally, the attacker can update individual configuration values or overwrite the whole file. |
Pt30x Sdi Firmware
Pt30x Ndi Xx G2 Firmware
Pt30x Sdi
And others... |