exploitDog

CVE-2016-2356

Опубликовано: 25 окт. 2019

Источник: nvd

CVSS3: 9.8

CVSS2: 7.5

EPSS Низкий

Описание

Milesight IP security cameras through 2016-11-14 have a buffer overflow in a web application via a long username or password.

Ссылки

http://kirils.org/slides/2016-10-06_Milesight_initial.pdf
Exploit
Third Party Advisory
https://possiblesecurity.com/news/vulnerabilities-of-milesight-ip-security-cameras/
Third Party Advisory
https://www.youtube.com/watch?v=scckkI7CAW0
Exploit
Third Party Advisory
http://kirils.org/slides/2016-10-06_Milesight_initial.pdf
Exploit
Third Party Advisory
https://possiblesecurity.com/news/vulnerabilities-of-milesight-ip-security-cameras/
Third Party Advisory
https://www.youtube.com/watch?v=scckkI7CAW0
Exploit
Third Party Advisory

Уязвимые конфигурации

Конфигурация 1

Одновременно

cpe:2.3:o:milesight:ip_security_camera_firmware:*:*:*:*:*:*:*:*

Версия до 2016-11-14 (включая)

cpe:2.3:h:milesight:ip_security_camera:-:*:*:*:*:*:*:*

EPSS

Процентиль: 87%

0.03513

Низкий

9.8 Critical

CVSS3

7.5 High

CVSS2

Дефекты

CWE-120

Связанные уязвимости

GHSA-ff83-c42x-4r2x

CVSS3: 9.8

github

больше 3 лет назад

Milesight IP security cameras through 2016-11-14 have a buffer overflow in a web application via a long username or password.

EPSS

Процентиль: 87%

0.03513

Низкий

9.8 Critical

CVSS3

7.5 High

CVSS2

Дефекты

CWE-120