CVE-2024-41882

Team ENVY, a Security Research TEAM has found a flaw that allows for a remote code execution on the NVR.An attacker can cause a stack overflow by entering large data into URL parameters, which will result in a system reboot.The manufacturer has released patch firmware for the flaw, please refer to the manufacturer's report for details and workarounds.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
UNKNOWN
---
Hanwha_VisionCNA
---
---
CISA-ADPADP
---
---
Awaiting analysis
This vulnerability is currently awaiting analysis.
Base Score
CVSS 3.x
EPSS Score
Percentile: 40%
Common Weakness Enumeration
References
https://www.hanwhavision.com/wp-content/uploads/2024/12/NVR-Vulnerability-Report-CVE-2024-4188241887.pdf