CVSS: 9.8EPSS: 1%CPEs: 4EXPL: 0CVE-2017-3223 – Dahua IP camera products using firmware versions prior to V2.400.0000.14.R.20170713 include a version of the Sonia web interface that may be vulnerable to a stack buffer overflow
https://notcve.org/view.php?id=CVE-2017-3223
Dahua IP camera products using firmware versions prior to V2.400.0000.14.R.20170713 include a version of the Sonia web interface that may be vulnerable to a stack buffer overflow. Dahua IP camera products include an application known as Sonia (/usr/bin/sonia) that provides the web interface and other services for controlling the IP camera remotely. Versions of Sonia included in firmware versions prior to DH_IPC-Consumer-Zi-Themis_Eng_P_V2.408.0000.11.R.20170621 do not validate input data length for the 'password' field of the web interface. A remote, unauthenticated attacker may submit a crafted POST request to the IP camera's Sonia web interface that may lead to out-of-bounds memory operations and loss of availability or remote code execution. The issue was originally identified by the researcher in firmware version DH_IPC-HX1X2X-Themis_EngSpnFrn_N_V2.400.0000.30.R.20160803. • http://www.securityfocus.com/bid/99620 https://www.kb.cert.org/vuls/id/547255 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-121: Stack-based Buffer Overflow •
CVSS: 10.0EPSS: 12%CPEs: 1EXPL: 2CVE-2014-1849 – Foscam IP Camera - Predictable Credentials Security Bypass
https://notcve.org/view.php?id=CVE-2014-1849
Foscam IP camera 11.37.2.49 and other versions, when using the Foscam DynDNS option, generates credentials based on predictable camera subdomain names, which allows remote attackers to spoof or hijack arbitrary cameras and conduct other attacks by modifying arbitrary camera records in the Foscam DNS server. Foscam IP Camera 11.37.2.49 y otras versiones, cuando utiliza la opción Foscam DynDNS, genera credenciales basados en nombres de subdominio de camera previsibles, lo que permite a atacantes remotos falsificar o secuestrar cameras arbitrarias y realizar otros ataques mediante la modificación de registros de camera arbitrarios en el servidor Foscam DNS. • https://www.exploit-db.com/exploits/39195 http://blog.shekyan.com/2014/05/cve-2014-1849-foscam-dynamic-dns-predictable-credentials-vulnerability.html http://seclists.org/fulldisclosure/2014/May/35 https://github.com/artemharutyunyan/getmecamtool/blob/master/src/dnsmod.c • CWE-255: Credentials Management Errors •