// For flags

CVE-2014-8755

Panasonic Network Camera View GetImageDataPrint Untrusted Pointer Dereference Remote Code Execution Vulnerability

Severity Score

6.8
*CVSS v2

Exploit Likelihood

*EPSS

Affected Versions

*CPE

Public Exploits

0
*Multiple Sources

Exploited in Wild

-
*KEV

Decision

-
*SSVC
Descriptions

Panasonic Network Camera View 3 and 4 allows remote attackers to execute arbitrary code via a crafted page, which triggers an invalid pointer dereference, related to "the ability to nullify an arbitrary address in memory."

Panasonic Network Camera View 3 y 4 permite a atacantes remotos ejecutar código arbitrario a través de una página manipulada, lo que provoca una referencia a puntero inválida, relacionado con 'la habilidad de anular una dirección arbitraria en la memoria.'

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Panasonic Network Camera View. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.
The specific flaw exists within the GetImageDataPrint method of the WebVideoCam ActiveX control. The issue lies in the ability to nullify an arbitrary address in memory. An attacker can leverage this vulnerability to execute code under the context of the current process.

*Credits: Ariele Caltabiano (kimiya)
CVSS Scores
Attack Vector
Network
Attack Complexity
Medium
Authentication
None
Confidentiality
Partial
Integrity
Partial
Availability
Partial
Attack Vector
Network
Attack Complexity
Low
Authentication
None
Confidentiality
Partial
Integrity
Partial
Availability
Partial
* Common Vulnerability Scoring System
SSVC
  • Decision:-
Exploitation
-
Automatable
-
Tech. Impact
-
* Organization's Worst-case Scenario
Timeline
  • 2014-10-13 CVE Reserved
  • 2014-10-14 CVE Published
  • 2023-08-07 EPSS Updated
  • 2024-08-06 CVE Updated
  • ---------- Exploited in Wild
  • ---------- KEV Due Date
  • ---------- First Exploit
CWE
  • CWE-20: Improper Input Validation
CAPEC
Affected Vendors, Products, and Versions
Vendor Product Version Other Status
Vendor Product Version Other Status <-- --> Vendor Product Version Other Status
Panasonic
Search vendor "Panasonic"
 Network Camera View
Search vendor "Panasonic" for product "Network Camera View"
 3.0
Search vendor "Panasonic" for product "Network Camera View" and version "3.0"
-
Affected
Panasonic
Search vendor "Panasonic"
 Network Camera View
Search vendor "Panasonic" for product "Network Camera View"
 4.0
Search vendor "Panasonic" for product "Network Camera View" and version "4.0"
-
Affected