Sign-up

ID

VAR-201501-0575


CVE

CVE-2014-10011


TITLE

TRENDnet TV-IP422WN 'UltraCamX.ocx' Multiple Stack Buffer Overflow Vulnerabilities

Trust: 0.9

sources: CNVD: CNVD-2014-08542 // BID: 71292

DESCRIPTION

Stack-based buffer overflow in UltraCamLib in the UltraCam ActiveX Control (UltraCamX.ocx) for the TRENDnet SecurView camera TV-IP422WN allows remote attackers to execute arbitrary code via a long string to the (1) CGI_ParamSet, (2) OpenFileDlg, (3) SnapFileName, (4) Password, (5) SetCGIAPNAME, (6) AccountCode, or (7) RemoteHost function. TRENDnet TEW-818DRU is a routing device. TRENDnet TV-IP422WN 'UltraCamX.ocx' has multiple stack buffer overflow vulnerabilities because it cannot properly check user-supplied data before copying it to a full-size memory buffer. An attacker could exploit these vulnerabilities to execute arbitrary code in the context of an affected application. Failed exploit attempts will result in denial-of-service conditions. SecurView Wireless N Day/Night Pan/Tilt Internet Camera, a powerfuldual-codec wireless network camera with the 2-way audio function that providesthe high-quality image and on-the-spot audio via the Internet connection.The UltraCam ActiveX Control 'UltraCamX.ocx' suffers from a stack bufferoverflow vulnerability when parsing large amount of bytes to several functionsin UltraCamLib, resulting in memory corruption overwriting severeal registersincluding the SEH. An attacker can gain access to the system of the affectednode and execute arbitrary code.<br/><br/>--------------------------------------------------------------------------------<br/><br/><code>0:000&gt; r<br/>eax=41414141 ebx=100ceff4 ecx=0042df38 edx=00487900 esi=00487a1c edi=0042e9fc<br/>eip=100203fb esp=0042d720 ebp=0042e9a8 iopl=0 nv up ei pl nz ac po nc<br/>cs=0023 ss=002b ds=002b es=002b fs=0053 gs=002b efl=00210212<br/>UltraCamX!DllUnregisterServer+0xeb2b:<br/>100203fb 8b48e0 mov ecx,dword ptr [eax-20h] ds:002b:41414121=????????<br/>0:000&gt; !exchain<br/>0042eda8: 41414141<br/>Invalid exception stack at 41414141<br/></code><br/> --------------------------------------------------------------------------------<br/><br/>Tested on: Microsoft Windows 7 Professional SP1 (EN). TRENDnet SecurView camera TV-IP422WN is a wireless IP camera product from TRENDnet. UltraCam ActiveX Control (UltraCamX.ocx) is one of the digital aerial camera controls

Trust: 2.61

sources: NVD: CVE-2014-10011 // JVNDB: JVNDB-2014-007642 // CNVD: CNVD-2014-08542 // BID: 71292 // ZSL: ZSL-2014-5211 // VULHUB: VHN-68548

IOT TAXONOMY

category:['Network device']sub_category: -

Trust: 0.6

category:['camera device']sub_category:camera

Trust: 0.1

sources: OTHER: None // CNVD: CNVD-2014-08542

AFFECTED PRODUCTS

vendor:trendnetmodel:tv-ip422wscope:eqversion: -

Trust: 1.6

vendor:trendnetmodel:tv-ip422wnscope:eqversion: -

Trust: 1.6

vendor:trendnetmodel:tv-ip422wnscope: - version: -

Trust: 1.4

vendor:trendnetmodel:tv-ip422wscope: - version: -

Trust: 0.8

vendor:trendnetmodel:tv-ip422wnscope:eqversion:0

Trust: 0.3

vendor:trendnetmodel:securview wireless network camera tv-ipscope:eqversion:tv-ip422wn/tv-ip422w

Trust: 0.1

sources: ZSL: ZSL-2014-5211 // CNVD: CNVD-2014-08542 // BID: 71292 // JVNDB: JVNDB-2014-007642 // CNNVD: CNNVD-201411-487 // NVD: CVE-2014-10011

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2014-10011
value: HIGH

Trust: 1.0

NVD: CVE-2014-10011
value: HIGH

Trust: 0.8

CNVD: CNVD-2014-08542
value: HIGH

Trust: 0.6

CNNVD: CNNVD-201411-487
value: HIGH

Trust: 0.6

ZSL: ZSL-2014-5211
value: (4/5)

Trust: 0.1

VULHUB: VHN-68548
value: HIGH

Trust: 0.1

nvd@nist.gov: CVE-2014-10011
severity: HIGH
baseScore: 7.5
vectorString: AV:N/AC:L/AU:N/C:P/I:P/A:P
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: PARTIAL
integrityImpact: PARTIAL
availabilityImpact: PARTIAL
exploitabilityScore: 10.0
impactScore: 6.4
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.8

CNVD: CNVD-2014-08542
severity: HIGH
baseScore: 7.8
vectorString: AV:N/AC:L/AU:N/C:N/I:N/A:C
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: COMPLETE
exploitabilityScore: 10.0
impactScore: 6.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.6

VULHUB: VHN-68548
severity: HIGH
baseScore: 7.5
vectorString: AV:N/AC:L/AU:N/C:P/I:P/A:P
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: PARTIAL
integrityImpact: PARTIAL
availabilityImpact: PARTIAL
exploitabilityScore: 10.0
impactScore: 6.4
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.1

sources: ZSL: ZSL-2014-5211 // CNVD: CNVD-2014-08542 // VULHUB: VHN-68548 // JVNDB: JVNDB-2014-007642 // CNNVD: CNNVD-201411-487 // NVD: CVE-2014-10011

PROBLEMTYPE DATA

problemtype:CWE-119

Trust: 1.9

sources: VULHUB: VHN-68548 // JVNDB: JVNDB-2014-007642 // NVD: CVE-2014-10011

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-201411-487

TYPE

buffer overflow

Trust: 0.6

sources: CNNVD: CNNVD-201411-487

CONFIGURATIONS

sources:
            
            
            JVNDB: JVNDB-2014-007642

EXPLOIT AVAILABILITY
sources:
            
            
            ZSL: ZSL-2014-5211 // 
            
            
            
            VULHUB: VHN-68548

PATCH
title:TV-IP422WNurl:http://www.trendnet.com/products/proddetail.asp?prod=190_TV-IP422WN
Trust: 0.8
title:TV-IP422Wurl:http://www.trendnet.com/products/proddetail.asp?prod=155_TV-IP422W
Trust: 0.8
sources:
            
            
            JVNDB: JVNDB-2014-007642

EXTERNAL IDS
db:NVDid:CVE-2014-10011
Trust: 3.0
db:ZSLid:ZSL-2014-5211
Trust: 2.9
db:BIDid:71292
Trust: 2.7
db:PACKETSTORMid:129262
Trust: 1.8
db:JVNDBid:JVNDB-2014-007642
Trust: 0.8
db:XFid:98948
Trust: 0.7
db:CNNVDid:CNNVD-201411-487
Trust: 0.7
db:CNVDid:CNVD-2014-08542
Trust: 0.6
db:EXPLOIT-DBid:35363
Trust: 0.2
db:CXSECURITYid:WLB-2014110169
Trust: 0.1
db:OSVDBid:115037
Trust: 0.1
db:VULDBid:68288
Trust: 0.1
db:SECUNIAid:60244
Trust: 0.1
db:OTHERid:NONE
Trust: 0.1
db:VULHUBid:VHN-68548
Trust: 0.1
sources:
            
            
            ZSL: ZSL-2014-5211 // 
            
            
            
            OTHER: None // 
            
            
            
            CNVD: CNVD-2014-08542 // 
            
            
            
            VULHUB: VHN-68548 // 
            
            
            
            BID: 71292 // 
            
            
            
            JVNDB: JVNDB-2014-007642 // 
            
            
            
            CNNVD: CNNVD-201411-487 // 
            
            
            
            NVD: CVE-2014-10011

REFERENCES
url:http://www.zeroscience.mk/en/vulnerabilities/zsl-2014-5211.php
Trust: 2.8
url:http://www.securityfocus.com/bid/71292
Trust: 2.4
url:http://packetstormsecurity.com/files/129262/trendnet-securview-wireless-network-camera-tv-ip422wn-buffer-overflow.html
Trust: 1.7
url:http://www.zeroscience.mk/codes/trendnet_bof.txt
Trust: 1.7
url:https://exchange.xforce.ibmcloud.com/vulnerabilities/98948
Trust: 1.1
url:http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2014-10011
Trust: 0.9
url:http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2014-10011
Trust: 0.8
url:http://xforce.iss.net/xforce/xfdb/98948
Trust: 0.7
url:http://www.trendnet.com/
Trust: 0.3
url:http://www.exploit-db.com/exploits/35363/
Trust: 0.1
url:http://packetstormsecurity.com/files/129262
Trust: 0.1
url:http://cxsecurity.com/issue/wlb-2014110169
Trust: 0.1
url:http://osvdb.org/show/osvdb/115037
Trust: 0.1
url:http://www.vfocus.net/art/20141126/11848.html
Trust: 0.1
url:http://www.scip.ch/en/?vuldb.68288
Trust: 0.1
url:http://secunia.com/advisories/60244/
Trust: 0.1
url:http://cve.mitre.org/cgi-bin/cvename.cgi?name=2014-10011
Trust: 0.1
url:https://ieeexplore.ieee.org/abstract/document/10769424
Trust: 0.1
sources:
            
            
            ZSL: ZSL-2014-5211 // 
            
            
            
            OTHER: None // 
            
            
            
            CNVD: CNVD-2014-08542 // 
            
            
            
            VULHUB: VHN-68548 // 
            
            
            
            BID: 71292 // 
            
            
            
            JVNDB: JVNDB-2014-007642 // 
            
            
            
            CNNVD: CNNVD-201411-487 // 
            
            
            
            NVD: CVE-2014-10011

CREDITS
Gjoko Krstic
Trust: 0.9
sources:
            
            
            BID: 71292 // 
            
            
            
            CNNVD: CNNVD-201411-487

SOURCES
db:ZSLid:ZSL-2014-5211
db:OTHERid: - 
db:CNVDid:CNVD-2014-08542
db:VULHUBid:VHN-68548
db:BIDid:71292
db:JVNDBid:JVNDB-2014-007642
db:CNNVDid:CNNVD-201411-487
db:NVDid:CVE-2014-10011

LAST UPDATE DATE
2025-04-13T20:11:40.948000+00:00

SOURCES UPDATE DATE
db:ZSLid:ZSL-2014-5211date:2015-01-17T00:00:00
db:CNVDid:CNVD-2014-08542date:2014-11-27T00:00:00
db:VULHUBid:VHN-68548date:2017-09-08T00:00:00
db:BIDid:71292date:2015-04-13T21:01:00
db:JVNDBid:JVNDB-2014-007642date:2015-01-16T00:00:00
db:CNNVDid:CNNVD-201411-487date:2015-01-15T00:00:00
db:NVDid:CVE-2014-10011date:2025-04-12T10:46:40.837

SOURCES RELEASE DATE
db:ZSLid:ZSL-2014-5211date:2014-11-25T00:00:00
db:CNVDid:CNVD-2014-08542date:2014-11-27T00:00:00
db:VULHUBid:VHN-68548date:2015-01-13T00:00:00
db:BIDid:71292date:2014-11-25T00:00:00
db:JVNDBid:JVNDB-2014-007642date:2015-01-16T00:00:00
db:CNNVDid:CNNVD-201411-487date:2014-11-26T00:00:00
db:NVDid:CVE-2014-10011date:2015-01-13T11:59:20.147