Accfly Wireless Security IR Camera 720P up to 4.15.77 Message ServerIP_Proto_Set stack-based overflow

entryeditHistoryDiffjsonxmlCTI

A vulnerability classified as critical was found in Accfly Wireless Security IR Camera 720P up to 4.15.77. This vulnerability affects the function CNetClientManage::ServerIP_Proto_Set of the component Message Handler. There is no information about possible countermeasures known. It may be suggested to replace the affected object with an alternative product.

Field01/28/2021 08:51 AM02/21/2021 08:00 AM02/21/2021 08:05 AM
vendorAccflyAccflyAccfly
nameWireless Security IR Camera 720PWireless Security IR Camera 720PWireless Security IR Camera 720P
version<=4.15.77<=4.15.77<=4.15.77
componentMessage HandlerMessage HandlerMessage Handler
functionCNetClientManage::ServerIP_Proto_SetCNetClientManage::ServerIP_Proto_SetCNetClientManage::ServerIP_Proto_Set
cwe121 (memory corruption)121 (memory corruption)121 (memory corruption)
risk222
cvss3_vuldb_acLLL
cvss3_vuldb_prNNN
cvss3_vuldb_uiNNN
cvss3_vuldb_cLLL
cvss3_vuldb_iLLL
cvss3_vuldb_aLLL
urlhttps://github.com/tezeb/accfly/blob/master/Readme.mdhttps://github.com/tezeb/accfly/blob/master/Readme.mdhttps://github.com/tezeb/accfly/blob/master/Readme.md
cveCVE-2020-25782CVE-2020-25782CVE-2020-25782
date1611788400 (01/28/2021)1611788400 (01/28/2021)1611788400 (01/28/2021)
cvss2_vuldb_acLLL
cvss2_vuldb_auNNN
cvss2_vuldb_ciPPP
cvss2_vuldb_iiPPP
cvss2_vuldb_aiPPP
cvss2_vuldb_avAAA
cvss2_vuldb_eNDNDND
cvss2_vuldb_rlNDNDND
cvss2_vuldb_rcNDNDND
cvss3_vuldb_avAAA
cvss3_vuldb_sUUU
cvss3_vuldb_eXXX
cvss3_vuldb_rlXXX
cvss3_vuldb_rcXXX
cvss2_vuldb_basescore5.85.85.8
cvss2_vuldb_tempscore5.85.85.8
cvss3_vuldb_basescore6.36.36.3
cvss3_vuldb_tempscore6.36.36.3
cvss3_meta_basescore6.36.38.0
cvss3_meta_tempscore6.36.38.0
price_0day$0-$5k$0-$5k$0-$5k
cve_assigned16004664001600466400
cve_nvd_summaryAn issue was discovered on Accfly Wireless Security IR Camera 720P System with software versions v3.10.73 through v4.15.77. There is an unauthenticated stack-based buffer overflow in the function CNetClientManage::ServerIP_Proto_Set during incoming message handling.An issue was discovered on Accfly Wireless Security IR Camera 720P System with software versions v3.10.73 through v4.15.77. There is an unauthenticated stack-based buffer overflow in the function CNetClientManage::ServerIP_Proto_Set during incoming message handling.
cvss3_nvd_avN
cvss3_nvd_acL
cvss3_nvd_prN
cvss3_nvd_uiN
cvss3_nvd_sU
cvss3_nvd_cH
cvss3_nvd_iH
cvss3_nvd_aH
cvss2_nvd_avN
cvss2_nvd_acL
cvss2_nvd_auN
cvss2_nvd_ciP
cvss2_nvd_iiP
cvss2_nvd_aiP
cvss2_nvd_basescore7.5
cvss3_nvd_basescore9.8

Do you want to use VulDB in your project?

Use the official API to access entries easily!