Lucene search
HistoryDec 20, 2017 - 7:29 p.m.
CVE-2017-16725
cve-2017-16725
xiongmai technology
ip cameras
dvrs
netsurveillance
buffer overflow
remote code execution
device crash
telnet
9.8 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
9.6 High
AI Score
Confidence
High
10 High
CVSS2
Access Vector
Access Complexity
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:L/Au:N/C:C/I:C/A:C
0.004 Low
EPSS
Percentile
72.8%
A Stack-based Buffer Overflow issue was discovered in Xiongmai Technology IP Cameras and DVRs using the NetSurveillance Web interface. The stack-based buffer overflow vulnerability has been identified, which may allow an attacker to execute code remotely or crash the device. After rebooting, the device restores itself to a more vulnerable state in which Telnet is accessible.
Affected configurations
Node
xiongmaitechahb7008f8-h_firmwareMatch4.02.r11.3070
xiongmaitechahb7008f8-hMatch-
Node
xiongmaitechahb7008f4-h_firmwareMatch4.02.r11.3070
xiongmaitechahb7008f4-hMatch-
Node
xiongmaitechahb7008f2-h_firmwareMatch4.02.r11.3070
xiongmaitechahb7008f2-hMatch-
Node
xiongmaitechahb7008t-mh-v2_firmwareMatch4.02.r11.7601
xiongmaitechahb7008t-mh-v2Match-
Node
xiongmaitechahb7004t-mh-v2_firmwareMatch4.02.r11.7601
xiongmaitechahb7004t-mh-v2Match-
Node
xiongmaitechahb7004t-h-v2_firmwareMatch4.02.r11.7601
xiongmaitechahb7004t-h-v2Match-
Node
xiongmaitechahb7016t-lm-v2_firmwareMatch4.02.r11.7601
xiongmaitechahb7016t-lm-v2Match-
Node
xiongmaitechahb7008t-lm-v2_firmwareMatch4.02.r11.7601
xiongmaitechahb7008t-lm-v2Match-
Node
xiongmaitechahb7016t4-mh-v2_firmwareMatch4.02.r11.7601
xiongmaitechahb7016t4-mh-v2Match-
Node
xiongmaitechahb7016t-mh-v2_firmwareMatch4.02.r11.7601
xiongmaitechahb7016t-mh-v2Match-
Node
xiongmaitechahb7008t4-h-v2_firmwareMatch4.02.r11.7601
xiongmaitechahb7008t4-h-v2Match-
Node
xiongmaitechahb7008t-h-v2_firmwareMatch4.02.r11.7601
xiongmaitechahb7008t-h-v2Match-
Node
xiongmaitechahb7008t4-h-v2Match_firmware4.02.r11.7601
xiongmaitechahb7008t4-h-v2Match-
Node
xiongmaitechahb7008t-h-v2_firmwareMatch4.02.r11.7601
xiongmaitechahb7008t-h-v2Match-
Node
xiongmaitechahb7032f8-lm-v2_firmwareMatch4.02.r11.7601
xiongmaitechahb7032f8-lm-v2Match-
Node
xiongmaitechahb7032f4-lm-v2_firmwareMatch4.02.r11.7601
xiongmaitechahb7032f4-lm-v2Match-
Node
xiongmaitechahb7808r-ms-v3_firmwareMatch4.02.r11.nat.onvifc.20170327
xiongmaitechahb7808r-ms-v3Match-
Node
xiongmaitechahb7804r-ms-v3_firmwareMatch4.02.r11.nat.onvifc.20170327
xiongmaitechahb7804r-ms-v3Match-
Node
xiongmaitechahb7016t-lm-v3_firmwareMatch4.02.r11.3070
xiongmaitechahb7016t-lm-v3Match-
Node
xiongmaitechahb7008t-lm-v3_firmwareMatch4.02.r11.3070
xiongmaitechahb7008t-lm-v3Match-
Node
xiongmaitechahb7004t-lm-v3_firmwareMatch4.02.r11.3070
xiongmaitechahb7004t-lm-v3Match-
Node
xiongmaitechahb7016t4-gs-v3_firmwareMatch4.02.r11.7601
xiongmaitechahb7016t4-gs-v3Match-
Node
xiongmaitechahb7016t-gs-v3_firmwareMatch4.02.r11.7601
xiongmaitechahb7016t-gs-v3Match-
Node
xiongmaitechahb7008t-gs-v3_firmwareMatch4.02.r11.7601
xiongmaitechahb7008t-gs-v3Match-
Node
xiongmaitechahb7004t-gs-v3_firmwareMatch4.02.r11.7601
xiongmaitechahb7004t-gs-v3Match-
Node
xiongmaitechahb7016t-mh-v3_firmwareMatch4.02.r11.7601
xiongmaitechahb7016t-mh-v3Match-
Node
xiongmaitechahb7008t-mh-v3_firmwareMatch4.02.r11.7601
xiongmaitechahb7008t-mh-v3Match-
Node
xiongmaitechahb7004t-mh-v3_firmwareMatch4.02.r11.7601
xiongmaitechahb7004t-mh-v3Match-
Node
xiongmaitechahb7008t-gl-v4_firmwareMatch4.02.r11.7601
xiongmaitechahb7008t-gl-v4Match-
Node
xiongmaitechahb7004t-gl-v4_firmwareMatch4.02.r11.7601
xiongmaitechahb7004t-gl-v4Match-
Node
xiongmaitechahb7004t-g-v4_firmwareMatch4.02.r11.7601
xiongmaitechahb7004t-g-v4Match-
Node
xiongmaitechahb7016f8-gs-v3_firmwareMatch4.02.r11.7601
xiongmaitechahb7016f8-gs-v3Match-
Node
xiongmaitechahb7016f8-gl-v4_firmwareMatch4.02.r11.7601
xiongmaitechahb7016f8-gl-v4Match-
Node
xiongmaitechahb7016f4-gl-v4_firmwareMatch4.02.r11.7601
xiongmaitechahb7016f4-gl-v4Match-
Node
xiongmaitechahb7016f2-gl-v4_firmwareMatch4.02.r11.7601
xiongmaitechahb7016f2-gl-v4Match-
Node
xiongmaitechahb7808r-lm-v3_firmwareMatch4.02.r11.nat.onvifc.20171120
xiongmaitechahb7808r-lm-v3Match-
Node
xiongmaitechahb7804r-lm-v3_firmwareMatch4.02.r11.nat.onvifc.20171120
xiongmaitechahb7804r-lm-v3Match-
Node
xiongmaitechahb7804r-lms-v3_firmwareMatch4.02.r11.nat.onvifc.20171019
xiongmaitechahb7804r-lms-v3Match-
Node
xiongmaitechahb7008f8-g-v4_firmwareMatch4.02.r11.7601
xiongmaitechahb7008f8-g-v4Match-
Node
xiongmaitechahb7008f4-g-v4_firmwareMatch4.02.r11.7601
xiongmaitechahb7008f4-g-v4Match-
Node
xiongmaitechahb7008f2-g-v4_firmwareMatch4.02.r11.7601
xiongmaitechahb7008f2-g-v4Match-
Node
xiongmaitechahb7032f4-lm-v3_firmwareMatch4.02.r11.7601
xiongmaitechahb7032f4-lm-v3Match-
Node
xiongmaitechahb7032f2-lm-v3_firmwareMatch4.02.r11.7601
xiongmaitechahb7032f2-lm-v3Match-
Node
xiongmaitechahb7032f8-gs-v3_firmwareMatch4.02.r11.7601
xiongmaitechahb7032f8-gs-v3Match-
Node
xiongmaitechahb7032f4-gs-v3_firmwareMatch4.02.r11.7601
xiongmaitechahb7032f4-gs-v3Match-
Node
xiongmaitechahb7032f2-gs-v3_firmwareMatch4.02.r11.7601
xiongmaitechahb7032f2-gs-v3Match-
Node
xiongmaitechahb7016t-lme-v3_firmwareMatch4.02.r11.7601
xiongmaitechahb7016t-lme-v3Match-
Node
xiongmaitechahb7008t-lme-v3_firmwareMatch4.02.r11.7601
xiongmaitechahb7008t-lme-v3Match-
Node
xiongmaitechahb7004t-lme-v3_firmwareMatch4.02.r11.7601
xiongmaitechahb7004t-lme-v3Match-
Node
xiongmaitechahb7808r-mh-v3_firmwareMatch4.02.r11.7601
xiongmaitechahb7808r-mh-v3Match-
Node
xiongmaitechahb7804r-mh-v3_firmwareMatch4.02.r11.7601
xiongmaitechahb7804r-mh-v3Match-
Node
xiongmaitechipg-50h10pl-p_firmwareMatch-
xiongmaitechipg-50h10pl-pMatch-
Node
xiongmaitechipg-50h10pl-b_firmwareMatch-
xiongmaitechipg-50h10pl-bMatch-
Node
xiongmaitechipg-50h10pl-ae_firmwareMatch-
xiongmaitechipg-50h10pl-aeMatch-
Node
xiongmaitechipg-50h10pl-s_firmwareMatch-
xiongmaitechipg-50h10pl-sMatch-
Node
xiongmaitechipg-52h10pl-p_firmwareMatch-
xiongmaitechipg-52h10pl-pMatch-
Node
xiongmaitechipg-52h10pl-b_firmwareMatch-
xiongmaitechipg-52h10pl-bMatch-
Node
xiongmaitechipg-53h13pet-s_firmwareMatch-
xiongmaitechipg-53h13pet-sMatch-
Node
xiongmaitechipg-53h13pls-s_firmwareMatch-
xiongmaitechipg-53h13pls-sMatch-
Node
xiongmaitechipg-53h13pes-s_firmwareMatch-
xiongmaitechipg-53h13pes-sMatch-
Node
xiongmaitechipg-53h13pes-sl_firmwareMatch-
xiongmaitechipg-53h13pes-slMatch-
Node
xiongmaitechipg-53h13pl-p_firmwareMatch-
xiongmaitechipg-53h13pl-pMatch-
Node
xiongmaitechipg-53h13pl-b_firmwareMatch-
xiongmaitechipg-53h13pl-bMatch-
Node
xiongmaitechipg-53h13pl-ae_firmwareMatch-
xiongmaitechipg-53h13pl-aeMatch-
Node
xiongmaitechipg-53h13pl-s_firmwareMatch-
xiongmaitechipg-53h13pl-sMatch-
Node
xiongmaitechipg-53h13p-p_firmwareMatch-
xiongmaitechipg-53h13p-pMatch-
Node
xiongmaitechipg-53h13p-b_firmwareMatch-
xiongmaitechipg-53h13p-bMatch-
Node
xiongmaitechipg-53h13p-ae_firmwareMatch-
xiongmaitechipg-53h13p-aeMatch-
Node
xiongmaitechipg-53h13p-s_firmwareMatch-
xiongmaitechipg-53h13p-sMatch-
Node
xiongmaitechipg-83h40pl-b_firmwareMatch-
xiongmaitechipg-83h40pl-bMatch-
Node
xiongmaitechipg-83h40pl-p_firmwareMatch-
xiongmaitechipg-83h40pl-pMatch-
Node
xiongmaitechipg-83h50p-p_firmwareMatch-
xiongmaitechipg-83h50p-pMatch-
Node
xiongmaitechipg-83h50p-b_firmwareMatch-
xiongmaitechipg-83h50p-bMatch-
Node
xiongmaitechipg-53h10pe-s_firmwareMatch-
xiongmaitechipg-53h10pe-sMatch-
Node
xiongmaitechipg-50h10pe-sl_firmwareMatch-
xiongmaitechipg-50h10pe-slMatch-
Node
xiongmaitechipg-50h10pe-s_firmwareMatch-
xiongmaitechipg-50h10pe-sMatch-
Node
xiongmaitechipm-50hv10pt-wr_firmwareMatch-
xiongmaitechipm-50hv10pt-wrMatch-
Node
xiongmaitechipm-50v10pl-wr_firmwareMatch-
xiongmaitechipm-50v10pl-wrMatch-
Node
xiongmaitechipm-50h10pe-wr_firmwareMatch-
xiongmaitechipm-50h10pe-wrMatch-
Node
xiongmaitechipg-54h13pe-s_firmwareMatch-
xiongmaitechipg-54h13pe-sMatch-
Node
xiongmaitechipg-54h20pl-s_firmwareMatch-
xiongmaitechipg-54h20pl-sMatch-
Node
xiongmaitechipg-50h10pl-r_firmwareMatch-
xiongmaitechipg-50h10pl-rMatch-
Node
xiongmaitechipg-54h20pl-s_firmwareMatch-
xiongmaitechipg-54h20pl-sMatch-
Node
xiongmaitechipm-50h10pe-o\(r\)_firmwareMatch-
xiongmaitechipm-50h10pe-o\(r\)Match-
Node
xiongmaitechipg-53h13pl-r_firmwareMatch-
xiongmaitechipg-53h13pl-rMatch-
Node
xiongmaitechipg-50h10pe-wp_firmwareMatch-
xiongmaitechipg-50h10pe-wpMatch-
Node
xiongmaitechipg-50hv10pt-wp_firmwareMatch-
xiongmaitechipg-50hv10pt-wpMatch-
Node
xiongmaitechipg-53hv13pa-wp_firmwareMatch-
xiongmaitechipg-53hv13pa-wpMatch-
Node
xiongmaitechipg-53h13pe-wp_firmwareMatch-
xiongmaitechipg-53h13pe-wpMatch-
Node
xiongmaitechipg-53h20pl-p_firmwareMatch-
xiongmaitechipg-53h20pl-pMatch-
Node
xiongmaitechipg-53h20pl-b_firmwareMatch-
xiongmaitechipg-53h20pl-bMatch-
Node
xiongmaitechipg-53h20pl-ae_firmwareMatch-
xiongmaitechipg-53h20pl-aeMatch-
Node
xiongmaitechipg-53h20pl-s_firmwareMatch-
xiongmaitechipg-53h20pl-sMatch-
Node
xiongmaitechipg-50hv20pet-a_firmwareMatch-
xiongmaitechipg-50hv20pet-aMatch-
Node
xiongmaitechipg-50hv20pet-s_firmwareMatch-
xiongmaitechipg-50hv20pet-sMatch-
Node
xiongmaitechipg-50hv20pes-s_firmwareMatch-
xiongmaitechipg-50hv20pes-sMatch-
Node
xiongmaitechipg-50h10pe-wk_firmwareMatch-
xiongmaitechipg-50h10pe-wkMatch-
Node
xiongmaitechipg-53h13pe-wk_firmwareMatch-
xiongmaitechipg-53h13pe-wkMatch-
Node
xiongmaitechipg-53h13pe-s_firmwareMatch-
xiongmaitechipg-53h13pe-sMatch-
Node
xiongmaitechipm-50h10pe-wrm_firmwareMatch-
xiongmaitechipm-50h10pe-wrmMatch-
Node
xiongmaitechipm-53h13pe-wrm_firmwareMatch-
xiongmaitechipm-53h13pe-wrmMatch-
Node
xiongmaitechipg-83h40af_firmwareMatch-
xiongmaitechipg-83h40afMatch-
Node
xiongmaitechipm-50v10pl-wrc_firmwareMatch-
xiongmaitechipg-83h40afMatch-
Node
xiongmaitechipm-50h10pe-wrc_firmwareMatch-
xiongmaitechipm-50h10pe-wrcMatch-
Node
xiongmaitechipg-50x10pt-s_firmwareMatch-
xiongmaitechipg-50x10pt-sMatch-
Node
xiongmaitechipg-50x10pe-s_firmwareMatch-
xiongmaitechipg-50x10pe-sMatch-
Node
xiongmaitechipg-53x13pt-s_firmwareMatch-
xiongmaitechipg-53x13pt-sMatch-
Node
xiongmaitechipg-53x13pa-s_firmwareMatch-
xiongmaitechipg-53x13pa-sMatch-
Node
xiongmaitechipg-53x13pe-s_firmwareMatch-
xiongmaitechipg-53x13pe-sMatch-
Node
xiongmaitechipm-53h13pe-wrc_firmwareMatch-
xiongmaitechipm-53h13pe-wrcMatch-
Node
xiongmaitechipm-53hv13pe-wr_firmwareMatch-
xiongmaitechipm-53hv13pe-wrMatch-
Node
xiongmaitechipm-53v13pl-wr_firmwareMatch-
xiongmaitechipm-53v13pl-wrMatch-
Node
xiongmaitechipm-53h13pe-wr_firmwareMatch-
xiongmaitechipm-53h13pe-wrMatch-
Node
xiongmaitechipg-50h10pe-wk-2f_firmwareMatch-
xiongmaitechipg-50h10pe-wk-2fMatch-
Node
xiongmaitechipg-83h20pl-p_firmwareMatch-
xiongmaitechipg-83h20pl-pMatch-
Node
xiongmaitechipg-83h20pl-b_firmwareMatch-
xiongmaitechipg-83h20pl-bMatch-
Node
xiongmaitechipg-53hv13pt-s_firmwareMatch-
xiongmaitechipg-53hv13pt-sMatch-
Node
xiongmaitechipg-53hv13pt-s_firmwareMatch-
xiongmaitechipg-53hv13pt-sMatch-
Node
xiongmaitechipg-53hv13pa-a_firmwareMatch-
xiongmaitechipg-53hv13pa-aMatch-
Node
xiongmaitechipg-53hv13pa-s_firmwareMatch-
xiongmaitechipg-53hv13pa-sMatch-
Node
xiongmaitechipm-50hv20pe-wr_firmwareMatch-
xiongmaitechipm-50hv20pe-wrMatch-
Node
xiongmaitechipg-50hv10pt-a_firmwareMatch-
xiongmaitechipg-50hv10pt-aMatch-
Node
xiongmaitechipg-50hv10pt-s_firmwareMatch-
xiongmaitechipg-50hv10pt-sMatch-
Node
xiongmaitechipg-50hv10pv-a_firmwareMatch-
xiongmaitechipg-50hv10pv-aMatch-
Node
xiongmaitechipg-50hv10pv-s_firmwareMatch-
xiongmaitechipg-50hv10pv-sMatch-
Node
xiongmaitechipg-80h20pt-a_firmwareMatch-
xiongmaitechipg-80h20pt-aMatch-
Node
xiongmaitechipg-80h20pt-s_firmwareMatch-
xiongmaitechipg-80h20pt-sMatch-
Node
xiongmaitechipg-50h20pt-s_firmwareMatch-
xiongmaitechipg-50h20pt-sMatch-
Node
xiongmaitechipg-53h20py-s_firmwareMatch-
xiongmaitechipg-53h20py-sMatch-
Node
xiongmaitechipg-53h13pe-wk-4f_firmwareMatch-
xiongmaitechipg-53h13pe-wk-4fMatch-
Node
xiongmaitechipg-83h20pa-a_firmwareMatch-
xiongmaitechipg-83h20pa-aMatch-
Node
xiongmaitechipg-83h20pa-s_firmwareMatch-
xiongmaitechipg-83h20pa-sMatch-
Node
xiongmaitechipg-50hv20psa-s_firmwareMatch-
xiongmaitechipg-50hv20psa-sMatch-
Node
xiongmaitechipg-50hv20psb-a_firmwareMatch-
xiongmaitechipg-50hv20psb-aMatch-
Node
xiongmaitechipg-50hv20psb-s_firmwareMatch-
xiongmaitechipg-50hv20psb-sMatch-
Node
xiongmaitechivg-hp203y-ae_firmwareMatch-
xiongmaitechivg-hp203y-aeMatch-
Node
xiongmaitechivg-hp203y-se_firmwareMatch-
xiongmaitechivg-hp203y-seMatch-
Node
xiongmaitechipg-hp500nr-s_firmwareMatch-
xiongmaitechipg-hp500nr-sMatch-
Node
xiongmaitechipg-80he20ps-s_firmwareMatch-
xiongmaitechipg-80he20ps-sMatch-
| CPE | Name | Operator | Version |
|---|---|---|---|
| xiongmaitech:ahb7008f8-h_firmware | xiongmaitech ahb7008f8-h firmware | eq | 4.02.r11.3070 |
CNA Affected
[
{
"product": "Xiongmai Technology IP Cameras and DVRs",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "Xiongmai Technology IP Cameras and DVRs"
}
]
}
]Related
cvelist
cvelist
nvd
nvd
prion
prion
Stack overflow
2017-12-20 19:29:00
Buffer overflow
2018-06-08 12:29:00
Stack overflow
2023-03-28 22:15:00
ics
ics
Xiongmai Technology IP Cameras and DVRs
2017-12-07 12:00:00
attackerkb
attackerkb
CVE-2018-10088
2018-06-08 00:00:00
cve
cve
CVE-2018-10088
2018-06-08 12:29:00
CVE-2022-45460
2023-03-28 22:15:09
9.8 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
9.6 High
AI Score
Confidence
High
10 High
CVSS2
Access Vector
Access Complexity
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:L/Au:N/C:C/I:C/A:C
0.004 Low
EPSS
Percentile
72.8%
Related for CVE-2017-16725