Lucene search

[email protected]NVD:CVE-2018-12670

HistoryOct 19, 2018 - 10:29 p.m.

CVE-2018-12670

2018-10-1922:29:00

CWE-78

[email protected]

web.nvd.nist.gov

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

CVSS3

9.8

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

AI Score

9.7

Confidence

High

EPSS

0.013

Percentile

86.2%

JSON

SV3C L-SERIES HD CAMERA V2.3.4.2103-S50-NTD-B20170508B and V2.3.4.2103-S50-NTD-B20170823B devices allow OS Command Injection.

Affected configurations

Nvd

Node

sv3ch.264_poe_ip_camera_firmwareMatchv2.3.4.2103-s50-ntd-b20170508b

AND

sv3csv-b01poe-1080p-lMatch-

sv3csv-b11vpoe-1080p-lMatch-

sv3csv-d02poe-1080p-lMatch-

Node

sv3ch.264_poe_ip_camera_firmwareMatchv2.3.4.2103-s50-ntd-b20170823b

AND

sv3csv-b01poe-1080p-lMatch-

sv3csv-b11vpoe-1080p-lMatch-

sv3csv-d02poe-1080p-lMatch-

VendorProductVersionCPE
sv3ch.264_poe_ip_camera_firmwarev2.3.4.2103-s50-ntd-b20170508bcpe:2.3:o:sv3c:h.264_poe_ip_camera_firmware:v2.3.4.2103-s50-ntd-b20170508b:*:*:*:*:*:*:*
sv3csv-b01poe-1080p-l-cpe:2.3:h:sv3c:sv-b01poe-1080p-l:-:*:*:*:*:*:*:*
sv3csv-b11vpoe-1080p-l-cpe:2.3:h:sv3c:sv-b11vpoe-1080p-l:-:*:*:*:*:*:*:*
sv3csv-d02poe-1080p-l-cpe:2.3:h:sv3c:sv-d02poe-1080p-l:-:*:*:*:*:*:*:*
sv3ch.264_poe_ip_camera_firmwarev2.3.4.2103-s50-ntd-b20170823bcpe:2.3:o:sv3c:h.264_poe_ip_camera_firmware:v2.3.4.2103-s50-ntd-b20170823b:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
sv3c	h.264_poe_ip_camera_firmware	v2.3.4.2103-s50-ntd-b20170508b	cpe:2.3:o:sv3c:h.264_poe_ip_camera_firmware:v2.3.4.2103-s50-ntd-b20170508b:::::::*
sv3c	sv-b01poe-1080p-l	-	cpe:2.3:h:sv3c:sv-b01poe-1080p-l:-:::::::*
sv3c	sv-b11vpoe-1080p-l	-	cpe:2.3:h:sv3c:sv-b11vpoe-1080p-l:-:::::::*
sv3c	sv-d02poe-1080p-l	-	cpe:2.3:h:sv3c:sv-d02poe-1080p-l:-:::::::*
sv3c	h.264_poe_ip_camera_firmware	v2.3.4.2103-s50-ntd-b20170823b	cpe:2.3:o:sv3c:h.264_poe_ip_camera_firmware:v2.3.4.2103-s50-ntd-b20170823b:::::::*

References

www.bishopfox.com/news/2018/10/sv3c-l-series-hd-camera-multiple-vulnerabilities/

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

CVSS3

9.8

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

AI Score

9.7

Confidence

High

EPSS

0.013

Percentile

86.2%

JSON

Related for NVD:CVE-2018-12670

cvelist1 prion1 cve1