9.8

CVE-2018-17878

Exploit

Buffer Overflow vulnerability in certain ABUS TVIP cameras allows attackers to gain control of the program via crafted string sent to sprintf() function.

Data is provided by the National Vulnerability Database (NVD)
AbusTvip 10000 Firmware Version-
   AbusTvip 10000 Version-
AbusTvip 10001 Firmware Version-
   AbusTvip 10001 Version-
AbusTvip 10005 Firmware Version-
   AbusTvip 10005 Version-
AbusTvip 10005a Firmware Version-
   AbusTvip 10005a Version-
AbusTvip 10005b Firmware Version-
   AbusTvip 10005b Version-
AbusTvip 10050 Firmware Version-
   AbusTvip 10050 Version-
AbusTvip 10051 Firmware Version-
   AbusTvip 10051 Version-
AbusTvip 10055a Firmware Version-
   AbusTvip 10055a Version-
AbusTvip 10055b Firmware Version-
   AbusTvip 10055b Version-
AbusTvip 10500 Firmware Version-
   AbusTvip 10500 Version-
AbusTvip 10550 Firmware Version-
   AbusTvip 10550 Version-
AbusTvip 11000 Firmware Version-
   AbusTvip 11000 Version-
AbusTvip 11050 Firmware Version-
   AbusTvip 11050 Version-
AbusTvip 11500 Firmware Version-
   AbusTvip 11500 Version-
AbusTvip 11501 Firmware Version-
   AbusTvip 11501 Version-
AbusTvip 11502 Firmware Version-
   AbusTvip 11502 Version-
AbusTvip 11550 Firmware Version-
   AbusTvip 11550 Version-
AbusTvip 11551 Firmware Version-
   AbusTvip 11551 Version-
AbusTvip 11552 Firmware Version-
   AbusTvip 11552 Version-
AbusTvip 20000 Firmware Version-
   AbusTvip 20000 Version-
AbusTvip 20050 Firmware Version-
   AbusTvip 20050 Version-
AbusTvip 20500 Firmware Version-
   AbusTvip 20500 Version-
AbusTvip 20550 Firmware Version-
   AbusTvip 20550 Version-
AbusTvip 21000 Firmware Version-
   AbusTvip 21000 Version-
AbusTvip 21050 Firmware Version-
   AbusTvip 21050 Version-
AbusTvip 21500 Firmware Version-
   AbusTvip 21500 Version-
AbusTvip 21501 Firmware Version-
   AbusTvip 21501 Version-
AbusTvip 21502 Firmware Version-
   AbusTvip 21502 Version-
AbusTvip 21550 Firmware Version-
   AbusTvip 21550 Version-
AbusTvip 21551 Firmware Version-
   AbusTvip 21551 Version-
AbusTvip 21552 Firmware Version-
   AbusTvip 21552 Version-
AbusTvip 22500 Firmware Version-
   AbusTvip 22500 Version-
AbusTvip 31000 Firmware Version-
   AbusTvip 31000 Version-
AbusTvip 31001 Firmware Version-
   AbusTvip 31001 Version-
AbusTvip 31050 Firmware Version-
   AbusTvip 31050 Version-
AbusTvip 31500 Firmware Version-
   AbusTvip 31500 Version-
AbusTvip 31501 Firmware Version-
   AbusTvip 31501 Version-
AbusTvip 31550 Firmware Version-
   AbusTvip 31550 Version-
AbusTvip 31551 Firmware Version-
   AbusTvip 31551 Version-
AbusTvip 32500 Firmware Version-
   AbusTvip 32500 Version-
AbusTvip 51500 Firmware Version-
   AbusTvip 51500 Version-
AbusTvip 51550 Firmware Version-
   AbusTvip 51550 Version-
AbusTvip 71500 Firmware Version-
   AbusTvip 71500 Version-
AbusTvip 71501 Firmware Version-
   AbusTvip 71501 Version-
AbusTvip 71550 Firmware Version-
   AbusTvip 71550 Version-
AbusTvip 71551 Firmware Version-
   AbusTvip 71551 Version-
AbusTvip 72500 Firmware Version-
   AbusTvip 72500 Version-
Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.
EPSS Metriken
Type Source Score Percentile
EPSS FIRST.org 0.12% 0.279
CVSS Metriken
Source Base Score Exploit Score Impact Score Vector string
nvd@nist.gov 9.8 3.9 5.9
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
CWE-120 Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')

The product copies an input buffer to an output buffer without verifying that the size of the input buffer is less than the size of the output buffer, leading to a buffer overflow.