13 matches found
(Pwn2Own) Lorex 2K Indoor Wi-Fi Security Camera Stack-based Buffer Overflow Remote Code Execution Vulnerability
This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of Lorex 2K Indoor Wi-Fi Security Cameras. Authentication is not required to exploit this vulnerability. The specific flaw exists within the sonia module. The issue results from the lack of...
Dahua Security Cameras Stack-based Buffer Overflow (CVE-2017-3223)
Dahua IP camera products using firmware versions prior to V2.400.0000.14.R.20170713 include a version of the Sonia web interface that may be vulnerable to a stack buffer overflow. Dahua IP camera products include an application known as Sonia /usr/bin/sonia that provides the web interface and oth...
soniaaureacakes.com Cross Site Scripting vulnerability OBB-3906768
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...
soniatapiaphotography.com Cross Site Scripting vulnerability OBB-3657088
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...
CVE-2017-8230
On Amcrest IPM-721S V2.420.AC00.16.R.20160909 devices, the users on the device are divided into 2 groups "admin" and "user". However, as a part of security analysis it was identified that a low privileged user who belongs to the "user" group and who has access to login in to the web administrativ...
CVE-2017-8226
Amcrest IPM-721S V2.420.AC00.16.R.20160909 devices have default credentials that are hardcoded in the firmware and can be extracted by anyone who reverses the firmware to identify them. If the firmware version V2.420.AC00.16.R 9/9/2016 is dissected using binwalk tool, one obtains a...
CVE-2017-3223
Dahua IP camera products using firmware versions prior to V2.400.0000.14.R.20170713 include a version of the Sonia web interface that may be vulnerable to a stack buffer overflow. Dahua IP camera products include an application known as Sonia /usr/bin/sonia that provides the web interface and oth...
Stack overflow
Dahua IP camera products using firmware versions prior to V2.400.0000.14.R.20170713 include a version of the Sonia web interface that may be vulnerable to a stack buffer overflow. Dahua IP camera products include an application known as Sonia /usr/bin/sonia that provides the web interface and oth...
CVE-2017-3223
Dahua IP camera products using firmware versions prior to V2.400.0000.14.R.20170713 include a version of the Sonia web interface that may be vulnerable to a stack buffer overflow. Dahua IP camera products include an application known as Sonia /usr/bin/sonia that provides the web interface and oth...
CVE-2017-3223 Dahua IP camera products using firmware versions prior to V2.400.0000.14.R.20170713 include a version of the Sonia web interface that may be vulnerable to a stack buffer overflow
Dahua IP camera products using firmware versions prior to V2.400.0000.14.R.20170713 include a version of the Sonia web interface that may be vulnerable to a stack buffer overflow. Dahua IP camera products include an application known as Sonia /usr/bin/sonia that provides the web interface and oth...
EUVD-2017-12344
Dahua IP camera products using firmware versions prior to V2.400.0000.14.R.20170713 include a version of the Sonia web interface that may be vulnerable to a stack buffer overflow. Dahua IP camera products include an application known as Sonia /usr/bin/sonia that provides the web interface and oth...
CVE-2017-3223
CVE-2017-3223 affects Dahua IP cameras via the Sonia web interface (/usr/bin/sonia). Older firmware (pre V2.400.0000.14.R.20170713) does not validate input length for the password field, enabling a remote, unauthenticated attacker to send crafted POST requests that may trigger out-of-bounds memor...
Dahua IP cameras Sonia web interface is vulnerable to stack buffer overflow
Overview Dahua IP camera products using firmware versions prior to V2.400.0000.14.R.20170713 include a version of the Sonia web interface that may be vulnerable to a stack buffer overflow. Description CWE-121: Stack-based Buffer Overflow - CVE-2017-3223Dahua IP camera products include an...