← Back

CVE-2022-26259

nvd nist
Published: Mar 28, 2022Modified: Jun 17, 2026

JSON object

Loading...
7.8
Vector
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Exploitability: 1.8 / Impact: 5.9
Source: NVD

Description

A buffer over flow in Xiongmai DVR devices NBD80X16S-KL, NBD80X09S-KL, NBD80X08S-KL, NBD80X09RA-KL, AHB80X04R-MH, AHB80X04R-MH-V2, AHB80X04-R-MH-V3, AHB80N16T-GS, AHB80N32F4-LME, and NBD90S0VT-QW allows attackers to cause a Denial of Service (DoS) via a crafted RSTP request.

Affected (10)

Xiongmaitech
10 products
Nbd80x16s Kl Firmware
Nbd80x09s Kl Firmware
Nbd80x08s Kl Firmware
Nbd80x09ra Kl Firmware
Ahb80x04r Mh Firmware
Ahb80x04r Mh V2 Firmware
Ahb80x04 R Mh V3 Firmware
Ahb80n16t Gs Firmware
Ahb80n32f4 Lme Firmware
Nbd90s0vt Qw Firmware
Configuration A
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Nbd80x16s Kl Firmware
Version 4.03.r11.nat.dss.onvifc.20210727
Running on/withPlatform Versions
Xiongmaitech
Nbd80x16s Kl
All versions
Configuration B
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Nbd80x09s Kl Firmware
Version 4.03.r11.nat.dss.onvifc.20210727
Running on/withPlatform Versions
Xiongmaitech
Nbd80x09s Kl
All versions
Configuration C
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Nbd80x08s Kl Firmware
Version 4.03.r11.nat.dss.onvifc.20210727
Running on/withPlatform Versions
Xiongmaitech
Nbd80x08s Kl
All versions
Configuration D
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Nbd80x09ra Kl Firmware
Version 4.03.r11.nat.dss.onvifc.20210727
Running on/withPlatform Versions
Xiongmaitech
Nbd80x09ra Kl
All versions
Configuration E
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Ahb80x04r Mh Firmware
Version 4.03.r11.nat.dss.onvifc.20210729
Running on/withPlatform Versions
Xiongmaitech
Ahb80x04r Mh
All versions
Configuration F
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Ahb80x04r Mh V2 Firmware
Version 4.03.r11.nat.dss.onvifc.20210729
Running on/withPlatform Versions
Xiongmaitech
Ahb80x04r Mh V2
All versions
Configuration G
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Ahb80x04 R Mh V3 Firmware
Version 4.03.r11.nat.dss.onvifc.20210729
Running on/withPlatform Versions
Xiongmaitech
Ahb80x04 R Mh V3
All versions
Configuration H
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Ahb80n16t Gs Firmware
Version 4.03.r11.7601.nat.onvifc.20211223
Running on/withPlatform Versions
Xiongmaitech
Ahb80n16t Gs
All versions
Configuration I
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Ahb80n32f4 Lme Firmware
Version 4.03.r11.7601.nat.onvifc.20211228
Running on/withPlatform Versions
Xiongmaitech
Ahb80n32f4 Lme
All versions
Configuration J
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Nbd90s0vt Qw Firmware
Version 4.03.r11.713g.nat.onvifc.2021
Running on/withPlatform Versions
Xiongmaitech
Nbd90s0vt Qw
All versions

Related CWEs

CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
The product copies an input buffer to an output buffer without verifying that the size of the input buffer is less than the size of the output buffer, leading to a buffer overflow.

References (4)

Source: cve@mitre.org
ExploitThird Party Advisory
Source: cve@mitre.org
Vendor Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
ExploitThird Party Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Vendor Advisory

Timeline

No history available yet.