CVE-2024-8956CISA KEVEPSS p98.9%

CVE-2024-8956PTZOptics PT30X-SDI/NDI Cameras Authentication Bypass Vulnerability

PTZOptics / PT30X-SDI/NDI Cameras

Description

PTZOptics PT30X-SDI/NDI cameras contain an insecure direct object reference (IDOR) vulnerability that allows a remote, attacker to bypass authentication for the /cgi-bin/param.cgi CGI script. If combined with CVE-2024-8957, this can lead to remote code execution as root.

Scoring

EPSS56.87% probability of exploitation · percentile 98.9% · 2026-06-17T12:03:21Z

CISA KEV entry

Added to KEV: 2024-11-04

(incoming)1

TypeTargetConfidenceTier
KEVEntryPTZOptics PT30X-SDI/NDI Cameras Authentication Bypass Vulnerabilitykev-cve-2024-89560%live

Related by meaning· 6

Nearest entities by semantic similarity across the cs-graph corpus.

CVE
PTZOptics PT30X-SDI/NDI Cameras OS Command Injection Vulnerability
CVE
CVE-2025-30026
CVE
CVE-2025-35452
CVE
CVE-2025-35451
CVE
CVE-2026-30650
CVE
CVE-2026-30652
Sourced from NVD + CISA KEV + FIRST.org EPSS. Curated for EU compliance use cases by Adam Lundqvist, Founder at SQUR.