← voltar
CVE-2023-43755

Zavio IP Camera Stack-Based Buffer Overflow

CVSS 9.8 CRITICALEPSS 1.3%CWE-121
Zavio CF7500, CF7300, CF7201, CF7501, CB3211, CB3212, CB5220, CB6231, B8520, B8220, and CD321 IP Cameras with firmware version M2.1.6.05 are vulnerable to multiple instances of stack-based overflows. During the processing and parsing of certain fields in XML elements from incoming network requests, the product does not sufficiently check or validate allocated buffer size. This may lead to remote code execution.
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Produtos afetados
Zavio · IP Camera B8220Zavio · IP Camera B8520Zavio · IP Camera CB3211Zavio · IP Camera CB3212Zavio · IP Camera CB5220Zavio · IP Camera CB6231Zavio · IP Camera CD321Zavio · IP Camera CF7201Zavio · IP Camera CF7300Zavio · IP Camera CF7500Zavio · IP Camera CF7501

Quer saber se a sua infraestrutura está exposta a isto?

Falar com a TrueHacking →
Referências
https://www.cisa.gov/news-events/ics-advisories/icsa-23-304-03