Skip to content

Instantly share code, notes, and snippets.

Embed
What would you like to do?
> [Suggested description]
> An issue was discovered in NVR WebViewer on Hanwah Techwin SRN-472s
> 1.07_190502 devices, and other SRN-x devices before 2019-05-03. A
> system crash and reboot can be achieved by submitting a long username
> in excess of 117 characters. The username triggers a buffer overflow
> in the main process controlling operation of the DVR system, rendering
> services unavailable during the reboot operation. A repeated attack
> affects availability as long as the attacker has network access to the
> device.
>
> ------------------------------------------
>
> [Additional Information]
> Hanwah has patched the vulnerability and stated they were releasing in on May 3rd, 2019.
>
> ------------------------------------------
>
> [Vulnerability Type]
> Buffer Overflow
>
> ------------------------------------------
>
> [Vendor of Product]
> Hanwah Techwin
>
> ------------------------------------------
>
> [Affected Product Code Base]
> SRN-472s - 1.07_190502
> SRN-x - All releases prior to May 3, 2019
>
> ------------------------------------------
>
> [Affected Component]
> Network Video Recording hardware.
>
> ------------------------------------------
>
> [Attack Type]
> Remote
>
> ------------------------------------------
>
> [Impact Denial of Service]
> true
>
> ------------------------------------------
>
> [Attack Vectors]
> To exploit this vulnerability, the attacker must supply a username in
> excess of 117 characters to the login form for the WebViewer console.
>
> ------------------------------------------
>
> [Reference]
> https://www.hanwha-security.com/en/products/video-recorder/nvr/ch4/SRN-472S/overview/
>
> ------------------------------------------
>
> [Has vendor confirmed or acknowledged the vulnerability?]
> true
>
> ------------------------------------------
>
> [Discoverer]
> Dustin Noe, NovCon Solutions LLC
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
You can’t perform that action at this time.