The NcrCtl4.NcrNet.1 control in Panasonic Network Camera Recorder before 4.04R03 allows remote attackers to execute arbitrary code via a crafted GetVOLHeader method call, which writes null bytes to an arbitrary address.
References
Link | Resource |
---|---|
http://panasonic.net/pcc/cgi-bin/products/netwkcam/download_us/tbookmarka_m.cgi?m=%20&mm=2010073014092324 | Broken Link Patch |
http://www.zerodayinitiative.com/advisories/ZDI-14-363/ | Third Party Advisory VDB Entry |
http://panasonic.net/pcc/cgi-bin/products/netwkcam/download_us/tbookmarka_m.cgi?m=%20&mm=2010073014092324 | Broken Link Patch |
http://www.zerodayinitiative.com/advisories/ZDI-14-363/ | Third Party Advisory VDB Entry |
Configurations
Configuration 1 (hide)
AND |
|
History
21 Nov 2024, 02:19
Type | Values Removed | Values Added |
---|---|---|
References | () http://panasonic.net/pcc/cgi-bin/products/netwkcam/download_us/tbookmarka_m.cgi?m=%20&mm=2010073014092324 - Broken Link, Patch | |
References | () http://www.zerodayinitiative.com/advisories/ZDI-14-363/ - Third Party Advisory, VDB Entry |
Information
Published : 2014-10-17 15:55
Updated : 2024-11-21 02:19
NVD link : CVE-2014-8756
Mitre link : CVE-2014-8756
CVE.ORG link : CVE-2014-8756
JSON object : View
Products Affected
panasonic
- network_camera_recorder
- network_camera_recorder_firmware
CWE