CVSS: 10.0EPSS: 0%CPEs: 28EXPL: 0CVE-2018-3938
https://notcve.org/view.php?id=CVE-2018-3938
14 Aug 2018 — An exploitable stack-based buffer overflow vulnerability exists in the 802dot1xclientcert.cgi functionality of Sony IPELA E Series Camera G5 firmware 1.87.00. A specially crafted POST can cause a stack-based buffer overflow, resulting in remote code execution. An attacker can send a malicious POST request to trigger this vulnerability. Existe una vulnerabilidad de desbordamiento de búfer basado en pila explotable en la funcionalidad 802dot1xclientcert.cgi de Sony IPELA E Series Camera G5 con la versión 1.87... • https://www.talosintelligence.com/vulnerability_reports/TALOS-2018-0605 • CWE-787: Out-of-bounds Write •
CVSS: 9.1EPSS: 5%CPEs: 28EXPL: 1CVE-2018-3937
https://notcve.org/view.php?id=CVE-2018-3937
14 Aug 2018 — An exploitable command injection vulnerability exists in the measurementBitrateExec functionality of Sony IPELA E Series Network Camera G5 firmware 1.87.00. A specially crafted GET request can cause arbitrary commands to be executed. An attacker can send an HTTP request to trigger this vulnerability. Existe una vulnerabilidad de inyección de comandos explotable en la funcionalidad measurementBitrateExec de Sony IPELA E Series Network Camera G5 con la versión 1.87.00 de firmware. Una petición GET especialmen... • https://www.talosintelligence.com/vulnerability_reports/TALOS-2018-0604 • CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') •
CVSS: 8.8EPSS: 35%CPEs: 82EXPL: 0CVE-2016-7834
https://notcve.org/view.php?id=CVE-2016-7834
13 Apr 2017 — SONY SNC-CH115, SNC-CH120, SNC-CH160, SNC-CH220, SNC-CH260, SNC-DH120, SNC-DH120T, SNC-DH160, SNC-DH220, SNC-DH220T, SNC-DH260, SNC-EB520, SNC-EM520, SNC-EM521, SNC-ZB550, SNC-ZM550, SNC-ZM551, SNC-EP550, SNC-EP580, SNC-ER550, SNC-ER550C, SNC-ER580, SNC-ER585, SNC-ER585H, SNC-ZP550, SNC-ZR550, SNC-EP520, SNC-EP521, SNC-ER520, SNC-ER521, SNC-ER521C network cameras with firmware before Ver.1.86.00 and SONY SNC-CX600, SNC-CX600W, SNC-EB600, SNC-EB600B, SNC-EB602R, SNC-EB630, SNC-EB630B, SNC-EB632R, SNC-EM600, ... • https://jvn.jp/en/vu/JVNVU96435227/index.html • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •