CVSS: 7.5EPSS: 0%CPEs: 3EXPL: 0CVE-2022-3001 – Vulnerability in Milesight Video Management Systems (VMS)
https://notcve.org/view.php?id=CVE-2022-3001
This vulnerability exists in Milesight Video Management Systems (VMS), all firmware versions prior to 40.7.0.79-r1, due to improper input handling at camera’s web-based management interface. A remote attacker could exploit this vulnerability by sending a specially crafted http request on the targeted network camera. Successful exploitation of this vulnerability could allow the attacker to cause a Denial of Service condition on the targeted device. Esta vulnerabilidad se presenta en Milesight Video Management Systems (VMS), en todas las versiones de firmware anteriores a 40.7.0.79-r1, debido a un manejo inapropiado de las entradas en la interfaz de administración basada en web de la cámara. Un atacante remoto podría explotar esta vulnerabilidad mediante el envío de una petición http especialmente diseñada en la cámara de red objetivo. • https://www.cert-in.org.in/s2cMainServlet?pageid=PUBVLNOTES01&VLCODE=CIVN-2022-0352 • CWE-20: Improper Input Validation •