Описание
Sricam IP CCTV cameras are vulnerable to denial of service via multiple incomplete HTTP requests because the web server (based on gSOAP 2.8.x) is configured for an iterative queueing approach (aka non-threaded operation) with a timeout of several seconds.
Ссылки
- ExploitThird Party AdvisoryVDB Entry
- Third Party Advisory
- ExploitThird Party AdvisoryVDB Entry
- ExploitThird Party AdvisoryVDB Entry
- Third Party Advisory
- ExploitThird Party AdvisoryVDB Entry
Уязвимые конфигурации
Конфигурация 1
Одновременно
cpe:2.3:a:genivia:gsoap:2.8.0:*:*:*:*:*:*:*
Одно из
cpe:2.3:h:sricam:nvs001:-:*:*:*:*:*:*:*
cpe:2.3:h:sricam:sh016:-:*:*:*:*:*:*:*
cpe:2.3:h:sricam:sh024:-:*:*:*:*:*:*:*
cpe:2.3:h:sricam:sh026:-:*:*:*:*:*:*:*
cpe:2.3:h:sricam:sh027:-:*:*:*:*:*:*:*
cpe:2.3:h:sricam:sp007:-:*:*:*:*:*:*:*
cpe:2.3:h:sricam:sp008:-:*:*:*:*:*:*:*
cpe:2.3:h:sricam:sp009:-:*:*:*:*:*:*:*
cpe:2.3:h:sricam:sp012:-:*:*:*:*:*:*:*
cpe:2.3:h:sricam:sp015:-:*:*:*:*:*:*:*
cpe:2.3:h:sricam:sp017:-:*:*:*:*:*:*:*
cpe:2.3:h:sricam:sp018:-:*:*:*:*:*:*:*
cpe:2.3:h:sricam:sp019:-:*:*:*:*:*:*:*
cpe:2.3:h:sricam:sp020:-:*:*:*:*:*:*:*
cpe:2.3:h:sricam:sp023:-:*:*:*:*:*:*:*
EPSS
Процентиль: 94%
0.13995
Средний
7.5 High
CVSS3
5 Medium
CVSS2
Дефекты
NVD-CWE-noinfo
Связанные уязвимости
CVSS3: 7.5
github
больше 3 лет назад
Sricam IP CCTV cameras are vulnerable to denial of service via multiple incomplete HTTP requests because the web server (based on gSOAP 2.8.x) is configured for an iterative queueing approach (aka non-threaded operation) with a timeout of several seconds.
EPSS
Процентиль: 94%
0.13995
Средний
7.5 High
CVSS3
5 Medium
CVSS2
Дефекты
NVD-CWE-noinfo