CVE-2018-3938

Published: Aug 14, 2018Modified: Nov 21, 2024

10.0

Vector

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H

Exploitability: 3.9 / Impact: 6.0

Source: NVD

Description

An exploitable stack-based buffer overflow vulnerability exists in the 802dot1xclientcert.cgi functionality of Sony IPELA E Series Camera G5 firmware 1.87.00. A specially crafted POST can cause a stack-based buffer overflow, resulting in remote code execution. An attacker can send a malicious POST request to trigger this vulnerability.

Affected (14)

Products: Sony: Snc Eb600 Firmware, Snc Eb630 Firmware, Snc Eb600b Firmware, Snc Eb630b Firmware, Snc Eb602r Firmware, Snc Eb632r Firmware, Snc Em600 Firmware, Snc Em601 Firmware, Snc Em630 Firmware, Snc Em631 Firmware, Snc Em602r Firmware, Snc Em632r Firmware, Snc Em602rc Firmware, Snc Em632rc Firmware

14 products

Configuration A

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Sony Snc Eb600 Firmware	Version 1.87.00

Running on/with	Platform Versions
Sony Snc Eb600	All versions

Configuration B

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Sony Snc Eb630 Firmware	Version 1.87.00

Running on/with	Platform Versions
Sony Snc Eb630	All versions

Configuration C

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Sony Snc Eb600b Firmware	Version 1.87.00

Running on/with	Platform Versions
Sony Snc Eb600b	All versions

Configuration D

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Sony Snc Eb630b Firmware	Version 1.87.00

Running on/with	Platform Versions
Sony Snc Eb630b	All versions

Configuration E

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Sony Snc Eb602r Firmware	Version 1.87.00

Running on/with	Platform Versions
Sony Snc Eb602r	All versions

Configuration F

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Sony Snc Eb632r Firmware	Version 1.87.00

Running on/with	Platform Versions
Sony Snc Eb632r	All versions

Configuration G

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Sony Snc Em600 Firmware	Version 1.87.00

Running on/with	Platform Versions
Sony Snc Em600	All versions

Configuration H

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Sony Snc Em601 Firmware	Version 1.87.00

Running on/with	Platform Versions
Sony Snc Em601	All versions

Configuration I

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Sony Snc Em630 Firmware	Version 1.87.00

Running on/with	Platform Versions
Sony Snc Em630	All versions

Configuration J

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Sony Snc Em631 Firmware	Version 1.87.00

Running on/with	Platform Versions
Sony Snc Em631	All versions

Configuration K

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Sony Snc Em602r Firmware	Version 1.87.00

Running on/with	Platform Versions
Sony Snc Em602r	All versions

Configuration L

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Sony Snc Em632r Firmware	Version 1.87.00

Running on/with	Platform Versions
Sony Snc Em632r	All versions

Configuration M

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Sony Snc Em602rc Firmware	Version 1.87.00

Running on/with	Platform Versions
Sony Snc Em602rc	All versions

Configuration N

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Sony Snc Em632rc Firmware	Version 1.87.00

Running on/with	Platform Versions
Sony Snc Em632rc	All versions

Related CWEs

CWE-787

Out-of-bounds Write

The product writes data past the end, or before the beginning, of the intended buffer.

References (2)

https://www.talosintelligence.com/vulnerability_reports/TALOS-2018-0605

Source: talos-cna@cisco.com

Third Party Advisory

https://www.talosintelligence.com/vulnerability_reports/TALOS-2018-0605

Source: af854a3a-2127-422b-91ae-364da2661108

Third Party Advisory

Timeline

No history available yet.