An issue was discovered on Conceptronic CIPCAMPTIWL V3 0.61.30.21 devices. An unauthenticated attacker can crash a device by sending a POST request with a huge body size to /hy-cgi/devices.cgi?cmd=searchlandevice. The crash completely freezes the device.
References
Link | Resource |
---|---|
https://github.com/dreadlocked/ConceptronicIPCam_MultipleVulnerabilities/ | Third Party Advisory |
Configurations
Configuration 1 (hide)
AND |
|
Information
Published : 2018-01-30 13:29
Updated : 2018-02-27 08:12
NVD link : CVE-2018-6407
Mitre link : CVE-2018-6407
JSON object : View
CWE
CWE-20
Improper Input Validation
Products Affected
conceptronic
- cipcamptiwl
- cipcamptiwl_web_firmware
- cipcamptiwl_firmware