GHSA-xw58-crph-crhm

Опубликовано: 09 нояб. 2023

Источник: github

Github: Не прошло ревью

CVSS3: 9.8

Описание

Zavio CF7500, CF7300, CF7201, CF7501, CB3211, CB3212, CB5220, CB6231, B8520, B8220, and CD321

IP Cameras

with firmware version M2.1.6.05 are vulnerable to multiple instances of stack-based overflows. While processing XML elements from incoming network requests, the product does not sufficiently check or validate allocated buffer size. This may lead to remote code execution.

Zavio CF7500, CF7300, CF7201, CF7501, CB3211, CB3212, CB5220, CB6231, B8520, B8220, and CD321

IP Cameras

Ссылки

EPSS

Процентиль: 76%

0.00967

Низкий

9.8 Critical

CVSS3

CVE ID

CVE-2023-3959

Дефекты

CWE-121

CWE-787

Связанные уязвимости

CVE-2023-3959

CVSS3: 9.8

nvd

почти 2 года назад

Zavio CF7500, CF7300, CF7201, CF7501, CB3211, CB3212, CB5220, CB6231, B8520, B8220, and CD321 IP Cameras with firmware version M2.1.6.05 are vulnerable to multiple instances of stack-based overflows. While processing XML elements from incoming network requests, the product does not sufficiently check or validate allocated buffer size. This may lead to remote code execution.

BDU:2023-07582

CVSS3: 9.8

fstec

почти 2 года назад

Уязвимость микропрограммного обеспечения IP-камер Zavio CF7500, CF7300, CF7201, CF7501, CB3211, CB3212, CB5220, CB6231, B8520, B8220 и CD321, вызванная переполнением буфера на стеке, позволяющая нарушителю выполнить произвольный код

EPSS

Процентиль: 76%

0.00967

Низкий

9.8 Critical

CVSS3

CVE ID

CVE-2023-3959

Дефекты

CWE-121

CWE-787