CVE-2019-25063 – Sricam IP CCTV Camera Device Viewer memory corruption
https://notcve.org/view.php?id=CVE-2019-25063
A vulnerability was found in Sricam IP CCTV Camera. It has been classified as critical. Affected is an unknown function of the component Device Viewer. The manipulation leads to memory corruption. Local access is required to approach this attack. • https://vuldb.com/?id.159432 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-787: Out-of-bounds Write •
CVE-2019-25062 – Sricam IP CCTV Camera Device Viewer stack-based overflow
https://notcve.org/view.php?id=CVE-2019-25062
A vulnerability was found in Sricam IP CCTV Camera and classified as critical. This issue affects some unknown processing of the component Device Viewer. The manipulation leads to memory corruption. An attack has to be approached locally. The exploit has been disclosed to the public and may be used. • https://vuldb.com/?id.159431 https://www.exploit-db.com/exploits/47477 • CWE-121: Stack-based Buffer Overflow CWE-787: Out-of-bounds Write •
CVE-2019-6973 – Sricam gSOAP 2.8 - Denial of Service
https://notcve.org/view.php?id=CVE-2019-6973
Sricam IP CCTV cameras are vulnerable to denial of service via multiple incomplete HTTP requests because the web server (based on gSOAP 2.8.x) is configured for an iterative queueing approach (aka non-threaded operation) with a timeout of several seconds. Las cámaras CCTV Sricam IP son vulnerables a una denegación de servicio (DoS) mediante múltiples peticiones HTTP incompletas debido a que el servidor web (basado en gSOAP 2.8.x) está configurado para un enfoque de cola iterativa (también conocido como operación sin hilos) con un tiempo de agotamiento de varios segundos. Sricam gSOAP version 2.8 suffers from a denial of service vulnerability. • https://www.exploit-db.com/exploits/46261 http://packetstormsecurity.com/files/151377/Sricam-gSOAP-2.8-Denial-Of-Service.html https://github.com/bitfu/sricam-gsoap2.8-dos-exploit •