Versio.io

CVE-2018-3938

Common vulnerabilities & exposures (CVE)

CVE databaseCVE database blogpostRelease & EoL database
 
Published at: - 14-08-2018 09:29
Last modified: - 19-04-2022 08:15
Total changes: - 2

Description

An exploitable stack-based buffer overflow vulnerability exists in the 802dot1xclientcert.cgi functionality of Sony IPELA E Series Camera G5 firmware 1.87.00. A specially crafted POST can cause a stack-based buffer overflow, resulting in remote code execution. An attacker can send a malicious POST request to trigger this vulnerability.

Common Vulnerability Scoring System (CVSS)

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
Low
Attack complexity
Network
Attack vector
High
Availability
High
Confidentiality
High
Integrity
None
Privileges required
Changed
Scope
None
User interaction
10.0
Base score
3.9
6.0
Exploitability score
Impact score
 

Verification logic

OR
AND
OR
vendor=sony AND product=snc-eb600_firmware AND version=1.87.00
OR
vendor=sony AND product=snc-eb600 AND version=-
AND
OR
vendor=sony AND product=snc-eb630_firmware AND version=1.87.00
OR
vendor=sony AND product=snc-eb630 AND version=-
AND
OR
vendor=sony AND product=snc-eb600b_firmware AND version=1.87.00
OR
vendor=sony AND product=snc-eb600b AND version=-
AND
OR
vendor=sony AND product=snc-eb630b_firmware AND version=1.87.00
OR
vendor=sony AND product=snc-eb630b AND version=-
AND
OR
vendor=sony AND product=snc-eb602r_firmware AND version=1.87.00
OR
vendor=sony AND product=snc-eb602r AND version=-
AND
OR
vendor=sony AND product=snc-eb632r_firmware AND version=1.87.00
OR
vendor=sony AND product=snc-eb632r AND version=-
AND
OR
vendor=sony AND product=snc-em600_firmware AND version=1.87.00
OR
vendor=sony AND product=snc-em600 AND version=-
AND
OR
vendor=sony AND product=snc-em601_firmware AND version=1.87.00
OR
vendor=sony AND product=snc-em601 AND version=-
AND
OR
vendor=sony AND product=snc-em630_firmware AND version=1.87.00
OR
vendor=sony AND product=snc-em630 AND version=-
AND
OR
vendor=sony AND product=snc-em631_firmware AND version=1.87.00
OR
vendor=sony AND product=snc-em631 AND version=-
AND
OR
vendor=sony AND product=snc-em602r_firmware AND version=1.87.00
OR
vendor=sony AND product=snc-em602r AND version=-
AND
OR
vendor=sony AND product=snc-em632r_firmware AND version=1.87.00
OR
vendor=sony AND product=snc-em632r AND version=-
AND
OR
vendor=sony AND product=snc-em602rc_firmware AND version=1.87.00
OR
vendor=sony AND product=snc-em602rc AND version=-
AND
OR
vendor=sony AND product=snc-em632rc_firmware AND version=1.87.00
OR
vendor=sony AND product=snc-em632rc AND version=-
 

Reference

 


Keywords

NVD

 

CVE-2018-3938

 

CVE

 

Common vulnerabilities & exposures

 

CVSS

 

Common vulnerability scoring system

 

Security

 

Vulnerabilities

 

Exposures

 

We use cookies to ensure that we give you the best experience on our website. Read privacy policies for more information.