Stack overflow

2017-12-2019:29:00

PRIOn knowledge base

www.prio-n.com

9.6 High

AI Score

Confidence

High

0.004 Low

EPSS

Percentile

72.8%

JSON

A Stack-based Buffer Overflow issue was discovered in Xiongmai Technology IP Cameras and DVRs using the NetSurveillance Web interface. The stack-based buffer overflow vulnerability has been identified, which may allow an attacker to execute code remotely or crash the device. After rebooting, the device restores itself to a more vulnerable state in which Telnet is accessible.

CPENameOperatorVersion
ahb7004t-g-v4_firmwareeq4.2.0-r11.7601
ahb7004t-gl-v4_firmwareeq4.2.0-r11.7601
ahb7004t-gs-v3_firmwareeq4.2.0-r11.7601
ahb7004t-h-v2_firmwareeq4.2.0-r11.7601
ahb7004t-lm-v3_firmwareeq4.2.0-r11.3070
ahb7004t-lme-v3_firmwareeq4.2.0-r11.7601
ahb7004t-mh-v2_firmwareeq4.2.0-r11.7601
ahb7004t-mh-v3_firmwareeq4.2.0-r11.7601
ahb7008f2-g-v4_firmwareeq4.2.0-r11.7601
ahb7008f2-h_firmwareeq4.2.0-r11.3070

Name	Operator	Version
ahb7004t-g-v4_firmware	eq	4.2.0-r11.7601
ahb7004t-gl-v4_firmware	eq	4.2.0-r11.7601
ahb7004t-gs-v3_firmware	eq	4.2.0-r11.7601
ahb7004t-h-v2_firmware	eq	4.2.0-r11.7601
ahb7004t-lm-v3_firmware	eq	4.2.0-r11.3070
ahb7004t-lme-v3_firmware	eq	4.2.0-r11.7601
ahb7004t-mh-v2_firmware	eq	4.2.0-r11.7601
ahb7004t-mh-v3_firmware	eq	4.2.0-r11.7601
ahb7008f2-g-v4_firmware	eq	4.2.0-r11.7601
ahb7008f2-h_firmware	eq	4.2.0-r11.3070