CVE-2023-34551

  1. OpenCVE
  2. Vulnerabilities (CVE)
  3. CVE-2023-34551
In certain EZVIZ products, two stack buffer overflows in netClientSetWlanCfg function of the EZVIZ SDK command server can allow an authenticated attacker present on the same local network as the camera to achieve remote code execution. This affects CS-C6N-B0-1G2WF Firmware versions before V5.3.0 build 230215 and CS-C6N-R101-1G2WF Firmware versions before V5.3.0 build 230215 and CS-CV310-A0-1B2WFR Firmware versions before V5.3.0 build 230221 and CS-CV310-A0-1C2WFR-C Firmware versions before V5.3.2 build 230221 and CS-C6N-A0-1C2WFR-MUL Firmware versions before V5.3.2 build 230218 and CS-CV310-A0-3C2WFRL-1080p Firmware versions before V5.2.7 build 230302 and CS-CV310-A0-1C2WFR Wifi IP66 2.8mm 1080p Firmware versions before V5.3.2 build 230214 and CS-CV248-A0-32WMFR Firmware versions before V5.2.3 build 230217 and EZVIZ LC1C Firmware versions before V5.3.4 build 230214. The impact is: execute arbitrary code (remote).

8.0 /10

CVSS v3 : HIGH

V3 Legend

Vector :

Exploitability : 2.1 / Impact : 5.9

Attack Vector ADJACENT_NETWORK

Attack Complexity LOW

Privileges Required LOW

User Interaction NONE

Confidentiality Impact HIGH

Integrity Impact HIGH

Availability Impact HIGH

Scope UNCHANGED

References
Link Resource
http://ezviz.com Product
https://www.ezviz.com/data-security/security-notice/detail/827 Vendor Advisory
Configurations

Configuration 1 (hide)

AND
cpe:2.3:o:ezviz:cs-c6n-b0-1g2wf_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:ezviz:cs-c6n-b0-1g2wf:-:*:*:*:*:*:*:*

Configuration 2 (hide)

AND
cpe:2.3:o:ezviz:cs-c6n-r101-1g2wf_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:ezviz:cs-c6n-r101-1g2wf:-:*:*:*:*:*:*:*

Configuration 3 (hide)

AND
cpe:2.3:o:ezviz:cs-cv310-a0-1b2wfr_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:ezviz:cs-cv310-a0-1b2wfr:-:*:*:*:*:*:*:*

Configuration 4 (hide)

AND
cpe:2.3:o:ezviz:cs-cv310-a0-1c2wfr-c_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:ezviz:cs-cv310-a0-1c2wfr-c:-:*:*:*:*:*:*:*

Configuration 5 (hide)

AND
cpe:2.3:o:ezviz:cs-c6n-a0-1c2wfr-mul_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:ezviz:cs-c6n-a0-1c2wfr-mul:-:*:*:*:*:*:*:*

Configuration 6 (hide)

AND
cpe:2.3:o:ezviz:cs-cv310-a0-3c2wfrl-1080p_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:ezviz:cs-cv310-a0-3c2wfrl-1080p:-:*:*:*:*:*:*:*

Configuration 7 (hide)

AND
cpe:2.3:o:ezviz:cs-cv310-a0-1c2wfr_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:ezviz:cs-cv310-a0-1c2wfr:-:*:*:*:*:*:*:*

Configuration 8 (hide)

AND
cpe:2.3:o:ezviz:cs-cv248-a0-32wmfr_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:ezviz:cs-cv248-a0-32wmfr:-:*:*:*:*:*:*:*

Configuration 9 (hide)

AND
cpe:2.3:o:ezviz:lc1c_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:ezviz:lc1c:-:*:*:*:*:*:*:*
History

07 Aug 2023, 19:19

Type Values Removed Values Added
CPE cpe:2.3:h:ezviz:cs-c6n-a0-1c2wfr-mul:-:*:*:*:*:*:*:*
cpe:2.3:o:ezviz:cs-c6n-a0-1c2wfr-mul_firmware:*:*:*:*:*:*:*:*
cpe:2.3:o:ezviz:lc1c_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:ezviz:lc1c:-:*:*:*:*:*:*:*
cpe:2.3:o:ezviz:cs-cv310-a0-1c2wfr_firmware:*:*:*:*:*:*:*:*
cpe:2.3:o:ezviz:cs-c6n-r101-1g2wf_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:ezviz:cs-c6n-b0-1g2wf:-:*:*:*:*:*:*:*
cpe:2.3:o:ezviz:cs-cv310-a0-1b2wfr_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:ezviz:cs-cv310-a0-3c2wfrl-1080p:-:*:*:*:*:*:*:*
cpe:2.3:h:ezviz:cs-cv310-a0-1b2wfr:-:*:*:*:*:*:*:*
cpe:2.3:h:ezviz:cs-cv248-a0-32wmfr:-:*:*:*:*:*:*:*
cpe:2.3:o:ezviz:cs-cv310-a0-1c2wfr-c_firmware:*:*:*:*:*:*:*:*
cpe:2.3:o:ezviz:cs-cv248-a0-32wmfr_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:ezviz:cs-cv310-a0-1c2wfr-c:-:*:*:*:*:*:*:*
cpe:2.3:o:ezviz:cs-c6n-b0-1g2wf_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:ezviz:cs-cv310-a0-1c2wfr:-:*:*:*:*:*:*:*
cpe:2.3:h:ezviz:cs-c6n-r101-1g2wf:-:*:*:*:*:*:*:*
cpe:2.3:o:ezviz:cs-cv310-a0-3c2wfrl-1080p_firmware:*:*:*:*:*:*:*:*
CVSS v2 : unknown
v3 : unknown 		v2 : unknown
v3 : 8.0
First Time Ezviz cs-cv310-a0-1c2wfr-c
Ezviz cs-c6n-b0-1g2wf Firmware
Ezviz
Ezviz cs-cv310-a0-3c2wfrl-1080p Firmware
Ezviz cs-cv248-a0-32wmfr
Ezviz lc1c
Ezviz cs-cv310-a0-3c2wfrl-1080p
Ezviz cs-cv310-a0-1c2wfr Firmware
Ezviz cs-cv310-a0-1b2wfr Firmware
Ezviz cs-cv248-a0-32wmfr Firmware
Ezviz cs-cv310-a0-1b2wfr
Ezviz cs-c6n-b0-1g2wf
Ezviz cs-cv310-a0-1c2wfr
Ezviz cs-c6n-r101-1g2wf
Ezviz lc1c Firmware
Ezviz cs-c6n-r101-1g2wf Firmware
Ezviz cs-cv310-a0-1c2wfr-c Firmware
Ezviz cs-c6n-a0-1c2wfr-mul Firmware
Ezviz cs-c6n-a0-1c2wfr-mul
References (MISC) http://ezviz.com - (MISC) http://ezviz.com - Product
References (MISC) https://www.ezviz.com/data-security/security-notice/detail/827 - (MISC) https://www.ezviz.com/data-security/security-notice/detail/827 - Vendor Advisory
CWE CWE-787

01 Aug 2023, 18:51

Type Values Removed Values Added
New CVE
Information

Published : 2023-08-01 18:15

Updated : 2024-02-28 20:33

NVD link : CVE-2023-34551

Mitre link : CVE-2023-34551

CVE.ORG link : CVE-2023-34551

JSON object : View

Products Affected

ezviz

  • cs-cv310-a0-3c2wfrl-1080p_firmware
  • cs-c6n-r101-1g2wf
  • cs-cv310-a0-1b2wfr
  • cs-c6n-b0-1g2wf
  • cs-cv310-a0-1c2wfr-c
  • cs-cv310-a0-1c2wfr
  • cs-cv310-a0-3c2wfrl-1080p
  • cs-cv248-a0-32wmfr
  • lc1c_firmware
  • lc1c
  • cs-cv310-a0-1c2wfr-c_firmware
  • cs-cv310-a0-1b2wfr_firmware
  • cs-c6n-a0-1c2wfr-mul_firmware
  • cs-c6n-b0-1g2wf_firmware
  • cs-c6n-a0-1c2wfr-mul
  • cs-cv310-a0-1c2wfr_firmware
  • cs-cv248-a0-32wmfr_firmware
  • cs-c6n-r101-1g2wf_firmware
CWE
CWE-787

Out-of-bounds Write


NetmanageIT Website NetmanageIT OSINT Web NetmanageIT OpenCTI NetmanageIT PDF Tools NetmanageIT CTO Corner Blog NetmanageIT Email Header Analyzer NetmanageIT Password Pusher NetmanageIT Internet Health and Latency Dashboard NetmanageIT Dedicated Speed Test Site NetmanageIT Ubuntu Mirror 10Gbps Copyright OpenCVE 2024