CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
AI Score
Confidence
High
EPSS
Percentile
61.0%
Zavio CF7500, CF7300, CF7201, CF7501, CB3211, CB3212, CB5220,
CB6231, B8520, B8220, and CD321
IP Cameras
with firmware version M2.1.6.05 are
vulnerable to multiple instances of stack-based overflows. While
processing XML elements from incoming network requests, the product does
not sufficiently check or validate allocated buffer size. This may lead
to remote code execution.
[
{
"defaultStatus": "unaffected",
"product": "IP Camera CF7500",
"vendor": "Zavio",
"versions": [
{
"status": "affected",
"version": "version M2.1.6.05"
}
]
},
{
"defaultStatus": "unaffected",
"product": "IP Camera CF7300",
"vendor": "Zavio",
"versions": [
{
"status": "affected",
"version": "version M2.1.6.05"
}
]
},
{
"defaultStatus": "unaffected",
"product": "IP Camera CF7201",
"vendor": "Zavio",
"versions": [
{
"status": "affected",
"version": "version M2.1.6.05"
}
]
},
{
"defaultStatus": "unaffected",
"product": "IP Camera CF7501",
"vendor": "Zavio",
"versions": [
{
"status": "affected",
"version": "version M2.1.6.05"
}
]
},
{
"defaultStatus": "unaffected",
"product": "IP Camera CB3211",
"vendor": "Zavio",
"versions": [
{
"status": "affected",
"version": "version M2.1.6.05"
}
]
},
{
"defaultStatus": "unaffected",
"product": "IP Camera CB3212",
"vendor": "Zavio",
"versions": [
{
"status": "affected",
"version": "version M2.1.6.05"
}
]
},
{
"defaultStatus": "unaffected",
"product": "IP Camera CB5220",
"vendor": "Zavio",
"versions": [
{
"status": "affected",
"version": "version M2.1.6.05"
}
]
},
{
"defaultStatus": "unaffected",
"product": "IP Camera CB6231",
"vendor": "Zavio",
"versions": [
{
"status": "affected",
"version": "version M2.1.6.05"
}
]
},
{
"defaultStatus": "unaffected",
"product": "IP Camera B8520",
"vendor": "Zavio",
"versions": [
{
"status": "affected",
"version": "version M2.1.6.05"
}
]
},
{
"defaultStatus": "unaffected",
"product": "IP Camera B8220",
"vendor": "Zavio",
"versions": [
{
"status": "affected",
"version": "version M2.1.6.05"
}
]
},
{
"defaultStatus": "unaffected",
"product": "IP Camera CD321",
"vendor": "Zavio",
"versions": [
{
"status": "affected",
"version": "version M2.1.6.05"
}
]
}
]
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
AI Score
Confidence
High
EPSS
Percentile
61.0%