Design/Logic Flaw

2008-10-0115:38:00

PRIOn knowledge base

www.prio-n.com

7.2 High

AI Score

Confidence

High

0.06 Low

EPSS

Percentile

93.5%

JSON

The web interface in Samsung DVR SHR2040 allows remote attackers to cause a denial of service (crash) via a malformed HTTP request, related to the filter for configuration properties and “/x” characters.

CPENameOperatorVersion
dvr_shr2040eqb3.3ek1.53v2.19705281908 

CPE	Name	Operator	Version
	dvr_shr2040	eq	b3.3ek1.53v2.19705281908

References

secunia.com/advisories/31752

securityreason.com/securityalert/4329

www.securityfocus.com/bid/31047

www.sybsecurity.com/advisors/SYBSEC-ADV16-Samsung_DVR_SHR_2040_HTTPD_Remote_Denial_Of_Service

exchange.xforce.ibmcloud.com/vulnerabilities/44995

www.exploit-db.com/exploits/6394