Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
cveMitreCVE-2023-34551
HistoryAug 01, 2023 - 6:15 p.m.

CVE-2023-34551

2023-08-0118:15:09
CWE-787
mitre
web.nvd.nist.gov
32
ezviz
netclientsetwlancfg
stack buffer overflow
remote code execution
firmware vulnerability
cve-2023-34551

CVSS3

8

Attack Vector

ADJACENT

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

AI Score

8.3

Confidence

High

EPSS

0.001

Percentile

33.8%

JSON

In certain EZVIZ products, two stack buffer overflows in netClientSetWlanCfg function of the EZVIZ SDK command server can allow an authenticated attacker present on the same local network as the camera to achieve remote code execution. This affects CS-C6N-B0-1G2WF Firmware versions before V5.3.0 build 230215 and CS-C6N-R101-1G2WF Firmware versions before V5.3.0 build 230215 and CS-CV310-A0-1B2WFR Firmware versions before V5.3.0 build 230221 and CS-CV310-A0-1C2WFR-C Firmware versions before V5.3.2 build 230221 and CS-C6N-A0-1C2WFR-MUL Firmware versions before V5.3.2 build 230218 and CS-CV310-A0-3C2WFRL-1080p Firmware versions before V5.2.7 build 230302 and CS-CV310-A0-1C2WFR Wifi IP66 2.8mm 1080p Firmware versions before V5.3.2 build 230214 and CS-CV248-A0-32WMFR Firmware versions before V5.2.3 build 230217 and EZVIZ LC1C Firmware versions before V5.3.4 build 230214. The impact is: execute arbitrary code (remote).

Affected configurations

Nvd
Node
ezvizcs-c6n-b0-1g2wfMatch-
AND
ezvizcs-c6n-b0-1g2wf_firmwareRange5.3.0
Node
ezvizcs-c6n-r101-1g2wfMatch-
AND
ezvizcs-c6n-r101-1g2wf_firmwareRange5.3.0
Node
ezvizcs-cv310-a0-1b2wfr_firmwareRange5.3.0
AND
ezvizcs-cv310-a0-1b2wfrMatch-
Node
ezvizcs-cv310-a0-1c2wfr-cMatch-
AND
ezvizcs-cv310-a0-1c2wfr-c_firmwareRange5.3.2
Node
ezvizcs-c6n-a0-1c2wfr-mulMatch-
AND
ezvizcs-c6n-a0-1c2wfr-mul_firmwareRange5.3.2
Node
ezvizcs-cv310-a0-3c2wfrl-1080pMatch-
AND
ezvizcs-cv310-a0-3c2wfrl-1080p_firmwareRange5.2.7
Node
ezvizcs-cv310-a0-1c2wfrMatch-
AND
ezvizcs-cv310-a0-1c2wfr_firmwareRange5.3.2
Node
ezvizcs-cv248-a0-32wmfrMatch-
AND
ezvizcs-cv248-a0-32wmfr_firmwareRange5.2.3
Node
ezvizlc1cMatch-
AND
ezvizlc1c_firmwareRange5.3.4
VendorProductVersionCPE
ezvizcs-c6n-b0-1g2wf-cpe:2.3:h:ezviz:cs-c6n-b0-1g2wf:-:*:*:*:*:*:*:*
ezvizcs-c6n-b0-1g2wf_firmware*cpe:2.3:o:ezviz:cs-c6n-b0-1g2wf_firmware:*:*:*:*:*:*:*:*
ezvizcs-c6n-r101-1g2wf-cpe:2.3:h:ezviz:cs-c6n-r101-1g2wf:-:*:*:*:*:*:*:*
ezvizcs-c6n-r101-1g2wf_firmware*cpe:2.3:o:ezviz:cs-c6n-r101-1g2wf_firmware:*:*:*:*:*:*:*:*
ezvizcs-cv310-a0-1b2wfr_firmware*cpe:2.3:o:ezviz:cs-cv310-a0-1b2wfr_firmware:*:*:*:*:*:*:*:*
ezvizcs-cv310-a0-1b2wfr-cpe:2.3:h:ezviz:cs-cv310-a0-1b2wfr:-:*:*:*:*:*:*:*
ezvizcs-cv310-a0-1c2wfr-c-cpe:2.3:h:ezviz:cs-cv310-a0-1c2wfr-c:-:*:*:*:*:*:*:*
ezvizcs-cv310-a0-1c2wfr-c_firmware*cpe:2.3:o:ezviz:cs-cv310-a0-1c2wfr-c_firmware:*:*:*:*:*:*:*:*
ezvizcs-c6n-a0-1c2wfr-mul-cpe:2.3:h:ezviz:cs-c6n-a0-1c2wfr-mul:-:*:*:*:*:*:*:*
ezvizcs-c6n-a0-1c2wfr-mul_firmware*cpe:2.3:o:ezviz:cs-c6n-a0-1c2wfr-mul_firmware:*:*:*:*:*:*:*:*
Rows per page:
1-10 of 181

Related

nvd 1
prion 1
cvelist 1
kitploit 1
nvd
nvd
CVE-2023-34551
2023-08-01 18:15:09
prion
prion
Stack overflow
2023-08-01 18:15:00
cvelist
cvelist
CVE-2023-34551
2023-08-01 00:00:00
kitploit
kitploit
SADProtocol goes to Hollywood
2024-02-08 11:30:00

CVSS3

8

Attack Vector

ADJACENT

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

AI Score

8.3

Confidence

High

EPSS

0.001

Percentile

33.8%

JSON
Related for CVE-2023-34551
nvd1prion1cvelist1kitploit1