Sign-up

ID

VAR-201804-1240


CVE

CVE-2018-6413


TITLE

Hikvision Camera DS-2CD9111-S Buffer error vulnerability

Trust: 1.4

sources: JVNDB: JVNDB-2018-004402 // CNNVD: CNNVD-201804-847

DESCRIPTION

There is a buffer overflow in the Hikvision Camera DS-2CD9111-S of V4.1.2 build 160203 and before, and this vulnerability allows remote attackers to launch a denial of service attack (service interruption) via a crafted network setting interface request. Hikvision Camera DS-2CD9111-S Contains a buffer error vulnerability.Service operation interruption (DoS) There is a possibility of being put into a state. Hikvision Camera DS-2CD9111-S is a network camera product of China Hikvision Company. The vulnerability stems from the fact that the program does not fully verify some values ​​in the message

Trust: 1.8

sources: NVD: CVE-2018-6413 // JVNDB: JVNDB-2018-004402 // VULHUB: VHN-136445 // VULMON: CVE-2018-6413

IOT TAXONOMY

category:['camera device']sub_category:camera

Trust: 0.1

sources: OTHER: None

AFFECTED PRODUCTS

vendor:hikvisionmodel:ds-2cd9111-sscope:lteversion:4.1.2

Trust: 1.0

vendor:hikvision digitalmodel:ds-2cd9111-sscope:lteversion:4.1.2 build 160203

Trust: 0.8

vendor:hikvisionmodel:ds-2cd9111-sscope:eqversion:4.1.2

Trust: 0.6

sources: JVNDB: JVNDB-2018-004402 // CNNVD: CNNVD-201804-847 // NVD: CVE-2018-6413

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2018-6413
value: HIGH

Trust: 1.0

NVD: CVE-2018-6413
value: HIGH

Trust: 0.8

CNNVD: CNNVD-201804-847
value: MEDIUM

Trust: 0.6

VULHUB: VHN-136445
value: MEDIUM

Trust: 0.1

VULMON: CVE-2018-6413
value: MEDIUM

Trust: 0.1

nvd@nist.gov: CVE-2018-6413
severity: MEDIUM
baseScore: 5.0
vectorString: AV:N/AC:L/AU:N/C:N/I:N/A:P
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: PARTIAL
exploitabilityScore: 10.0
impactScore: 2.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.9

VULHUB: VHN-136445
severity: MEDIUM
baseScore: 5.0
vectorString: AV:N/AC:L/AU:N/C:N/I:N/A:P
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: PARTIAL
exploitabilityScore: 10.0
impactScore: 2.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.1

nvd@nist.gov: CVE-2018-6413
baseSeverity: HIGH
baseScore: 7.5
vectorString: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
attackVector: NETWORK
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: HIGH
exploitabilityScore: 3.9
impactScore: 3.6
version: 3.0

Trust: 1.8

sources: VULHUB: VHN-136445 // VULMON: CVE-2018-6413 // JVNDB: JVNDB-2018-004402 // CNNVD: CNNVD-201804-847 // NVD: CVE-2018-6413

PROBLEMTYPE DATA

problemtype:CWE-119

Trust: 1.9

sources: VULHUB: VHN-136445 // JVNDB: JVNDB-2018-004402 // NVD: CVE-2018-6413

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-201804-847

TYPE

buffer overflow

Trust: 0.6

sources: CNNVD: CNNVD-201804-847

CONFIGURATIONS

sources:
            
            
            JVNDB: JVNDB-2018-004402

PATCH
title:HSRC-201712-07url:http://www1.hikvision.com/cn/support_det_591_i514.html
Trust: 0.8
title:Hikvision Camera DS-2CD9111-S Buffer error vulnerability fixurl:http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=80203
Trust: 0.6
sources:
            
            
            JVNDB: JVNDB-2018-004402 // 
            
            
            
            CNNVD: CNNVD-201804-847

EXTERNAL IDS
db:NVDid:CVE-2018-6413
Trust: 2.7
db:JVNDBid:JVNDB-2018-004402
Trust: 0.8
db:CNNVDid:CNNVD-201804-847
Trust: 0.7
db:OTHERid:NONE
Trust: 0.1
db:VULHUBid:VHN-136445
Trust: 0.1
db:VULMONid:CVE-2018-6413
Trust: 0.1
sources:
            
            
            OTHER: None // 
            
            
            
            VULHUB: VHN-136445 // 
            
            
            
            VULMON: CVE-2018-6413 // 
            
            
            
            JVNDB: JVNDB-2018-004402 // 
            
            
            
            CNNVD: CNNVD-201804-847 // 
            
            
            
            NVD: CVE-2018-6413

REFERENCES
url:http://www1.hikvision.com/cn/support_det_591_i514.html
Trust: 1.8
url:https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2018-6413
Trust: 0.8
url:https://nvd.nist.gov/vuln/detail/cve-2018-6413
Trust: 0.8
url:https://ieeexplore.ieee.org/abstract/document/10769424
Trust: 0.1
url:https://cwe.mitre.org/data/definitions/119.html
Trust: 0.1
url:https://nvd.nist.gov
Trust: 0.1
sources:
            
            
            OTHER: None // 
            
            
            
            VULHUB: VHN-136445 // 
            
            
            
            VULMON: CVE-2018-6413 // 
            
            
            
            JVNDB: JVNDB-2018-004402 // 
            
            
            
            CNNVD: CNNVD-201804-847 // 
            
            
            
            NVD: CVE-2018-6413

SOURCES
db:OTHERid: - 
db:VULHUBid:VHN-136445
db:VULMONid:CVE-2018-6413
db:JVNDBid:JVNDB-2018-004402
db:CNNVDid:CNNVD-201804-847
db:NVDid:CVE-2018-6413

LAST UPDATE DATE
2025-01-30T21:39:57.232000+00:00

SOURCES UPDATE DATE
db:VULHUBid:VHN-136445date:2018-05-23T00:00:00
db:VULMONid:CVE-2018-6413date:2018-05-23T00:00:00
db:JVNDBid:JVNDB-2018-004402date:2018-06-19T00:00:00
db:CNNVDid:CNNVD-201804-847date:2018-05-16T00:00:00
db:NVDid:CVE-2018-6413date:2024-11-21T04:10:39.980

SOURCES RELEASE DATE
db:VULHUBid:VHN-136445date:2018-04-18T00:00:00
db:VULMONid:CVE-2018-6413date:2018-04-18T00:00:00
db:JVNDBid:JVNDB-2018-004402date:2018-06-19T00:00:00
db:CNNVDid:CNNVD-201804-847date:2018-04-18T00:00:00
db:NVDid:CVE-2018-6413date:2018-04-18T15:29:00.270