CVE-2022-26259

Common vulnerabilities & exposures (CVE)

CVE database CVE database blogpost Release & EoL database

Published at: - 28-03-2022 03:15

Last modified: - 04-04-2022 10:40

Total changes: - 2

Description

A buffer over flow in Xiongmai DVR devices NBD80X16S-KL, NBD80X09S-KL, NBD80X08S-KL, NBD80X09RA-KL, AHB80X04R-MH, AHB80X04R-MH-V2, AHB80X04-R-MH-V3, AHB80N16T-GS, AHB80N32F4-LME, and NBD90S0VT-QW allows attackers to cause a Denial of Service (DoS) via a crafted RSTP request.

Common Vulnerability Scoring System (CVSS)

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Low

Attack complexity

Local

Attack vector

High

Availability

High

Confidentiality

High

Integrity

Low

Privileges required

Unchanged

Scope

None

User interaction

7.8

Base score

1.8

5.9

Exploitability score

Impact score

Verification logic

AND

vendor=xiongmaitech AND product=nbd80x16s-kl_firmware AND version=4.03.r11.nat.dss.onvifc.20210727

vendor=xiongmaitech AND product=nbd80x16s-kl AND version=-

AND

vendor=xiongmaitech AND product=nbd80x09s-kl_firmware AND version=4.03.r11.nat.dss.onvifc.20210727

vendor=xiongmaitech AND product=nbd80x09s-kl AND version=-

AND

vendor=xiongmaitech AND product=nbd80x08s-kl_firmware AND version=4.03.r11.nat.dss.onvifc.20210727

vendor=xiongmaitech AND product=nbd80x08s-kl AND version=-

AND

vendor=xiongmaitech AND product=nbd80x09ra-kl_firmware AND version=4.03.r11.nat.dss.onvifc.20210727

vendor=xiongmaitech AND product=nbd80x09ra-kl AND version=-

AND

vendor=xiongmaitech AND product=ahb80x04r-mh_firmware AND version=4.03.r11.nat.dss.onvifc.20210729

vendor=xiongmaitech AND product=ahb80x04r-mh AND version=-

AND

vendor=xiongmaitech AND product=ahb80x04r-mh-v2_firmware AND version=4.03.r11.nat.dss.onvifc.20210729

vendor=xiongmaitech AND product=ahb80x04r-mh-v2 AND version=-

AND

vendor=xiongmaitech AND product=ahb80x04-r-mh-v3_firmware AND version=4.03.r11.nat.dss.onvifc.20210729

vendor=xiongmaitech AND product=ahb80x04-r-mh-v3 AND version=-

AND

vendor=xiongmaitech AND product=ahb80n16t-gs_firmware AND version=4.03.r11.7601.nat.onvifc.20211223

vendor=xiongmaitech AND product=ahb80n16t-gs AND version=-

AND

vendor=xiongmaitech AND product=ahb80n32f4-lme_firmware AND version=4.03.r11.7601.nat.onvifc.20211228

vendor=xiongmaitech AND product=ahb80n32f4-lme AND version=-

AND

vendor=xiongmaitech AND product=nbd90s0vt-qw_firmware AND version=4.03.r11.713g.nat.onvifc.2021

vendor=xiongmaitech AND product=nbd90s0vt-qw AND version=-

Reference

Keywords

CVE-2022-26259

Common vulnerabilities & exposures (CVE)

Description

Common Vulnerability Scoring System (CVSS)

Verification logic

Reference

NVD

CVE-2022-26259

CVE

Common vulnerabilities & exposures

CVSS

Common vulnerability scoring system

Security

Vulnerabilities

Exposures