CVE-2013-4981

Buffer overflow in cgi-bin/user/Config.cgi in AVTECH AVN801 DVR with firmware 1017-1003-1009-1003 and earlier, and possibly other devices, allows remote attackers to cause a denial of service (device crash) and possibly execute arbitrary code via a long string in the Network.SMTP.Receivers parameter.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
9 UNKNOWN
NETWORK
LOW
AV:N/AC:L/Au:N/C:P/I:P/A:C
mitreCNA
---
---
CVEADP
---
---
Base Score
CVSS 3.x
EPSS Score
Percentile: 92%
VendorProductVersion
avtechavn801_dvr_firmware
𝑥
≤ 1017-1003-1009-1003
avtechavn801_dvr
-
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
http://osvdb.org/96693
http://seclists.org/fulldisclosure/2013/Aug/284
http://www.coresecurity.com/advisories/avtech-dvr-multiple-vulnerabilities
http://osvdb.org/96693
http://seclists.org/fulldisclosure/2013/Aug/284
http://www.coresecurity.com/advisories/avtech-dvr-multiple-vulnerabilities