Details of VAR-201612-0641

ID

VAR-201612-0641

TITLE

MileSight camera Web UI CGI buffer overflow vulnerability

Trust: 0.6

sources: CNVD: CNVD-2016-04433

DESCRIPTION

MileSight camera is a network camera produced by Xiamen Pulse Vision Digital Technology Co., Ltd. MileSight camera has Web UI CGI buffer overflow vulnerability. An attacker exploiting the vulnerability could cause the web interface of the camera to crash and execute arbitrary code remotely.

Trust: 0.6

sources: CNVD: CNVD-2016-04433

IOT TAXONOMY

category:

['Network device']

sub_category:

Trust: 0.6

sources: CNVD: CNVD-2016-04433

AFFECTED PRODUCTS

vendor:	milesight	model:	ms-c2163-f pna	scope:	-	version:	-	Trust: 0.6
vendor:	milesight	model:	ms-c2163-pna	scope:	-	version:	-	Trust: 0.6
vendor:	milesight	model:	ms-c3?6?-f pna	scope:	-	version:	-	Trust: 0.6
vendor:	milesight	model:	ms-c3?6?-pna	scope:	-	version:	-	Trust: 0.6

sources: CNVD: CNVD-2016-04433

CVSS

SEVERITY

CVSSV2

CVSSV3

CNVD:	CNVD-2016-04433
value:	HIGH
Trust: 0.6

CNVD:	CNVD-2016-04433
severity:	HIGH
baseScore:	10.0
vectorString:	AV:N/AC:L/AU:N/C:C/I:C/A:C
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	COMPLETE
integrityImpact:	COMPLETE
availabilityImpact:	COMPLETE
exploitabilityScore:	10.0
impactScore:	10.0
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.6

sources: CNVD: CNVD-2016-04433

EXTERNAL IDS

db:

CNVD

id:

CNVD-2016-04433

Trust: 0.6

sources: CNVD: CNVD-2016-04433

SOURCES

db:

CNVD

id:

CNVD-2016-04433

LAST UPDATE DATE

2022-05-04T09:11:43.289000+00:00

SOURCES UPDATE DATE

db:

CNVD

id:

CNVD-2016-04433

date:

2016-07-01T00:00:00

SOURCES RELEASE DATE

db:

CNVD

id:

CNVD-2016-04433

date:

2016-12-31T00:00:00