Vulnerability CVE-2017-16725


Published: 2017-12-20

Description:
A Stack-based Buffer Overflow issue was discovered in Xiongmai Technology IP Cameras and DVRs using the NetSurveillance Web interface. The stack-based buffer overflow vulnerability has been identified, which may allow an attacker to execute code remotely or crash the device. After rebooting, the device restores itself to a more vulnerable state in which Telnet is accessible.

Type:

CWE-119

(Improper Restriction of Operations within the Bounds of a Memory Buffer)

CVSS2 => (AV:N/AC:L/Au:N/C:C/I:C/A:C)

CVSS Base Score
Impact Subscore
Exploitability Subscore
10/10
10/10
10/10
Exploit range
Attack complexity
Authentication
Remote
Low
No required
Confidentiality impact
Integrity impact
Availability impact
Complete
Complete
Complete
Affected software
Xiongmaitech -> Ahb7008t-gs-v3 firmware 
Xiongmaitech -> Ahb7016t-lme-v3 firmware 
Xiongmaitech -> Ahb7808r-lm-v3 firmware 
Xiongmaitech -> Ipg-50hv10pt-wp firmware 
Xiongmaitech -> Ipg-53h13p-p firmware 
Xiongmaitech -> Ipg-53h20pl-b firmware 
Xiongmaitech -> Ipg-83h20pa-a firmware 
Xiongmaitech -> Ipm-50v10pl-wr firmware 
Xiongmaitech -> Ahb7008t-h-v2 firmware 
Xiongmaitech -> Ahb7016t-mh-v2 firmware 
Xiongmaitech -> Ahb7808r-mh-v3 firmware 
Xiongmaitech -> Ipg-50hv10pv-a firmware 
Xiongmaitech -> Ipg-53h13p-s firmware 
Xiongmaitech -> Ipg-53h20pl-p firmware 
Xiongmaitech -> Ipg-83h20pa-s firmware 
Xiongmaitech -> Ipm-50v10pl-wrc firmware 
Xiongmaitech -> Ahb7004t-g-v4 firmware 
Xiongmaitech -> Ahb7008t-lm-v2 firmware 
Xiongmaitech -> Ahb7016t-mh-v3 firmware 
Xiongmaitech -> Ahb7808r-ms-v3 firmware 
Xiongmaitech -> Ipg-50hv10pv-s firmware 
Xiongmaitech -> Ipg-53h13pe-s firmware 
Xiongmaitech -> Ipg-53h20pl-s firmware 
Xiongmaitech -> Ipg-83h20pl-b firmware 
Xiongmaitech -> Ipm-53h13pe-wr firmware 
Xiongmaitech -> Ahb7004t-gl-v4 firmware 
Xiongmaitech -> Ahb7008t-lm-v3 firmware 
Xiongmaitech -> Ahb7016t4-gs-v3 firmware 
Xiongmaitech -> Ipg-50h10pe-s firmware 
Xiongmaitech -> Ipg-50hv20pes-s firmware 
Xiongmaitech -> Ipg-53h13pe-wk-4f firmware 
Xiongmaitech -> Ipg-53h20py-s firmware 
Xiongmaitech -> Ipg-83h20pl-p firmware 
Xiongmaitech -> Ipm-53h13pe-wrc firmware 
Xiongmaitech -> Ahb7004t-gs-v3 firmware 
Xiongmaitech -> Ahb7008t-lme-v3 firmware 
Xiongmaitech -> Ahb7016t4-mh-v2 firmware 
Xiongmaitech -> Ipg-50h10pe-sl firmware 
Xiongmaitech -> Ipg-50hv20pet-a firmware 
Xiongmaitech -> Ipg-53h13pe-wk firmware 
Xiongmaitech -> Ipg-53hv13pa-a firmware 
Xiongmaitech -> Ipg-83h40af firmware 
Xiongmaitech -> Ipm-53h13pe-wrm firmware 
Xiongmaitech -> Ahb7004t-h-v2 firmware 
Xiongmaitech -> Ahb7008t-mh-v2 firmware 
Xiongmaitech -> Ahb7032f2-gs-v3 firmware 
Xiongmaitech -> Ipg-50h10pe-wk-2f firmware 
Xiongmaitech -> Ipg-50hv20pet-s firmware 
Xiongmaitech -> Ipg-53h13pe-wp firmware 
Xiongmaitech -> Ipg-53hv13pa-s firmware 
Xiongmaitech -> Ipg-83h40pl-b firmware 
Xiongmaitech -> Ipm-53hv13pe-wr firmware 
Xiongmaitech -> Ahb7004t-lm-v3 firmware 
Xiongmaitech -> Ahb7008t-mh-v3 firmware 
Xiongmaitech -> Ahb7032f2-lm-v3 firmware 
Xiongmaitech -> Ipg-50h10pe-wk firmware 
Xiongmaitech -> Ipg-50hv20psa-s firmware 
Xiongmaitech -> Ipg-53h13pes-s firmware 
Xiongmaitech -> Ipg-53hv13pa-wp firmware 
Xiongmaitech -> Ipg-83h40pl-p firmware 
Xiongmaitech -> Ipm-53v13pl-wr firmware 
Xiongmaitech -> Ahb7004t-lme-v3 firmware 
Xiongmaitech -> Ahb7008t4-h-v2 
Xiongmaitech -> Ahb7032f4-gs-v3 firmware 
Xiongmaitech -> Ipg-50h10pe-wp firmware 
Xiongmaitech -> Ipg-50hv20psb-a firmware 
Xiongmaitech -> Ipg-53h13pes-sl firmware 
Xiongmaitech -> Ipg-53hv13pt-s firmware 
Xiongmaitech -> Ipg-83h50p-b firmware 
Xiongmaitech -> Ivg-hp203y-ae firmware 
Xiongmaitech -> Ahb7004t-mh-v2 firmware 
Xiongmaitech -> Ahb7008t4-h-v2 firmware 
Xiongmaitech -> Ahb7032f4-lm-v2 firmware 
Xiongmaitech -> Ipg-50h10pl-ae firmware 
Xiongmaitech -> Ipg-50hv20psb-s firmware 
Xiongmaitech -> Ipg-53h13pet-s firmware 
Xiongmaitech -> Ipg-53x13pa-s firmware 
Xiongmaitech -> Ipg-83h50p-p firmware 
Xiongmaitech -> Ivg-hp203y-se firmware 
Xiongmaitech -> Ahb7004t-mh-v3 firmware 
Xiongmaitech -> Ahb7016f2-gl-v4 firmware 
Xiongmaitech -> Ahb7032f4-lm-v3 firmware 
Xiongmaitech -> Ipg-50h10pl-b firmware 
Xiongmaitech -> Ipg-50x10pe-s firmware 
Xiongmaitech -> Ipg-53h13pl-ae firmware 
Xiongmaitech -> Ipg-53x13pe-s firmware 
Xiongmaitech -> Ipg-hp500nr-s firmware 
Xiongmaitech -> Ahb7008f2-g-v4 firmware 
Xiongmaitech -> Ahb7016f4-gl-v4 firmware 
Xiongmaitech -> Ahb7032f8-gs-v3 firmware 
Xiongmaitech -> Ipg-50h10pl-p firmware 
Xiongmaitech -> Ipg-50x10pt-s firmware 
Xiongmaitech -> Ipg-53h13pl-b firmware 
Xiongmaitech -> Ipg-53x13pt-s firmware 
Xiongmaitech -> Ipm-50h10pe-o(r) firmware 
Xiongmaitech -> Ahb7008f2-h firmware 
Xiongmaitech -> Ahb7016f8-gl-v4 firmware 
Xiongmaitech -> Ahb7032f8-lm-v2 firmware 
Xiongmaitech -> Ipg-50h10pl-r firmware 
Xiongmaitech -> Ipg-52h10pl-b firmware 

 References:
http://www.securityfocus.com/bid/102125
https://ics-cert.us-cert.gov/advisories/ICSA-17-341-01

Copyright 2024, cxsecurity.com

 

Back to Top