CVE-2015-4409

Buffer overflow on Hikvision NVR DS-76xxNI-E1/2 and DS-77xxxNI-E4 devices before 3.4.0 allows remote authenticated users to cause a denial of service (service interruption) via a crafted HTTP request, aka the SDK issue.
Configurations

Configuration 1 (hide)

AND
cpe:2.3:o:hikvision:ds-76xxx_series_firmware:*:*:*:*:*:*:*:*
OR cpe:2.3:h:hikvision:ds-7604ni-e1\/4p:-:*:*:*:*:*:*:*
cpe:2.3:h:hikvision:ds-7608ni-12\/8p:-:*:*:*:*:*:*:*
cpe:2.3:h:hikvision:ds-7608ni-e1\/8p:-:*:*:*:*:*:*:*
cpe:2.3:h:hikvision:ds-7616ni-12\/16p:-:*:*:*:*:*:*:*
cpe:2.3:h:hikvision:ds-7616ni-e2\/16p:-:*:*:*:*:*:*:*

Configuration 2 (hide)

AND
cpe:2.3:o:hikvision:ds-77xxx_series_firmware:*:*:*:*:*:*:*:*
OR cpe:2.3:h:hikvision:ds-7716ni-14\/16p:-:*:*:*:*:*:*:*
cpe:2.3:h:hikvision:ds-7716ni-sp\/16:-:*:*:*:*:*:*:*

History

21 Nov 2024, 02:31

Type Values Removed Values Added
References () http://www.hikvision.com/En/Press-Release-details_435_i1023.html - Patch, Vendor Advisory () http://www.hikvision.com/En/Press-Release-details_435_i1023.html - Patch, Vendor Advisory

Information

Published : 2017-03-13 06:59

Updated : 2024-11-21 02:31


NVD link : CVE-2015-4409

Mitre link : CVE-2015-4409

CVE.ORG link : CVE-2015-4409


JSON object : View

Products Affected

hikvision

  • ds-7716ni-14\/16p
  • ds-7604ni-e1\/4p
  • ds-77xxx_series_firmware
  • ds-7616ni-12\/16p
  • ds-7716ni-sp\/16
  • ds-76xxx_series_firmware
  • ds-7616ni-e2\/16p
  • ds-7608ni-12\/8p
  • ds-7608ni-e1\/8p
CWE
CWE-119

Improper Restriction of Operations within the Bounds of a Memory Buffer