Design/Logic Flaw

2019-08-0623:15:00

PRIOn knowledge base

www.prio-n.com

7.8 High

AI Score

Confidence

High

0.004 Low

EPSS

Percentile

74.2%

JSON

A denial of service issue in HTTPD was discovered on MicroDigital N-series cameras with firmware through 6400.0.8.5. An attacker without authorization can upload a file to upload.php with a filename longer than 256 bytes. This will be placed in the updownload area. It will not be deleted, because of a buffer overflow in a Bash command string.

CPENameOperatorVersion
mdc-n2190v_firmwarele6400.0.8.5
mdc-n4090_firmwarele6400.0.8.5
mdc-n4090w_firmwarele6400.0.8.5

Name	Operator	Version
mdc-n2190v_firmware	le	6400.0.8.5
mdc-n4090_firmware	le	6400.0.8.5
mdc-n4090w_firmware	le	6400.0.8.5

References

www.microdigital.co.kr/

pastebin.com/PSyqqs1g

www.microdigital.ru/