CVE-2018-18601

Опубликовано: 31 дек. 2018

Источник: nvd

CVSS3: 8.1

CVSS2: 6.8

EPSS Низкий

Описание

The TK_set_deviceModel_req_handle function in the cloud communication component in Guardzilla GZ621W devices with firmware 0.5.1.4 has a Buffer Overflow.

Ссылки

https://labs.bitdefender.com/2018/12/iot-report-major-flaws-in-guardzilla-cameras-allow-remote-hijack-of-the-security-device/
Third Party Advisory
https://labs.bitdefender.com/2018/12/iot-report-major-flaws-in-guardzilla-cameras-allow-remote-hijack-of-the-security-device/
Third Party Advisory

Уязвимые конфигурации

Конфигурация 1

Одновременно

cpe:2.3:o:guardzilla:gz621w_firmware:0.5.1.4:*:*:*:*:*:*:*

cpe:2.3:h:guardzilla:gz621w:-:*:*:*:*:*:*:*

EPSS

Процентиль: 64%

0.00459

Низкий

8.1 High

CVSS3

8.1 High

CVSS3

6.8 Medium

CVSS2

Дефекты

CWE-119

Связанные уязвимости

GHSA-rh5w-f4gw-ppw8

CVSS3: 8.1

github

больше 3 лет назад

The TK_set_deviceModel_req_handle function in the cloud communication component in Guardzilla GZ621W devices with firmware 0.5.1.4 has a Buffer Overflow.

EPSS

Процентиль: 64%

0.00459

Низкий

8.1 High

CVSS3

8.1 High

CVSS3

6.8 Medium

CVSS2

Дефекты

CWE-119