Created
August 8, 2019 14:55
> [Suggested description]
> An issue was discovered in NVR WebViewer on Hanwha Techwin SRN-472s
> 1.07_190502 devices, and other SRN-x devices before 2019-05-03. A
> system crash and reboot can be achieved by submitting a long username
> in excess of 117 characters. The username triggers a buffer overflow
> in the main process controlling operation of the DVR system, rendering
> services unavailable during the reboot operation. A repeated attack
> affects availability as long as the attacker has network access to the
> device.
>
> ------------------------------------------
>
> [Additional Information]
> Hanwha has patched the vulnerability and stated they were releasing it on May 3rd, 2019.
>
> ------------------------------------------
>
> [Vulnerability Type]
> Buffer Overflow
>
> ------------------------------------------
>
> [Vendor of Product]
> Hanwha Techwin
>
> ------------------------------------------
>
> [Affected Product Code Base]
> SRN-472s - 1.07_190502
> SRN-x - All releases prior to May 3, 2019
>
> ------------------------------------------
>
> [Affected Component]
> Network Video Recording hardware.
>
> ------------------------------------------
>
> [Attack Type]
> Remote
>
> ------------------------------------------
>
> [Impact Denial of Service]
> true
>
> ------------------------------------------
>
> [Attack Vectors]
> To exploit this vulnerability, the attacker must supply a username in
> excess of 117 characters to the login form for the WebViewer console.
>
> ------------------------------------------
>
> [Reference]
> https://www.hanwha-security.com/en/products/video-recorder/nvr/ch4/SRN-472S/overview/
>
> ------------------------------------------
>
> [Has vendor confirmed or acknowledged the vulnerability?]
> true
>
> ------------------------------------------
>
> [Discoverer]
> Dustin Noe, NovCon Solutions LLC
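
For devices that cannot be patched immediately, a filter or detection in front of the WebViewer login can flag usernames over the 117-character threshold given in the report. The following is an added example, not part of the original report or any vendor code. It assumes login bodies are form-urlencoded and visible to the defender (for instance at a reverse proxy), and the field name `username` is hypothetical.

```python
from urllib.parse import parse_qsl

MAX_USERNAME = 117           # threshold stated in the report
USERNAME_FIELD = "username"  # assumption: real form field name is not on the page


def username_lengths(body, field=USERNAME_FIELD):
    """Return (chars, utf8_bytes) for each occurrence of `field`.
    Lengths are measured after percent-decoding, since the raw encoded
    string is not what the receiving process ends up copying."""
    out = []
    for key, value in parse_qsl(body, keep_blank_values=True):
        if key == field:
            out.append((len(value), len(value.encode("utf-8", "replace"))))
    return out


def is_oversized(body, limit=MAX_USERNAME):
    """True if any username value exceeds the limit in characters or bytes.
    Bytes are checked too because a native buffer is sized in bytes and
    multi-byte UTF-8 input is longer than its character count."""
    return any(c > limit or b > limit for c, b in username_lengths(body))


def scan(records, limit=MAX_USERNAME):
    """records: iterable of (source_ip, body). Returns {ip: oversized_count}
    so repeated attempts from one source stand out."""
    hits = {}
    for ip, body in records:
        if is_oversized(body, limit):
            hits[ip] = hits.get(ip, 0) + 1
    return hits


# Constructed sample login bodies (documentation addresses, not real traffic).
SAMPLE = [
    ("192.0.2.10", "username=admin&password=x"),
    ("192.0.2.20", "username=" + "A" * 117 + "&password=x"),      # at the limit
    ("192.0.2.66", "username=" + "A" * 118 + "&password=x"),      # over the limit
    ("192.0.2.66", "username=" + "%41" * 200 + "&password=x"),    # percent-encoded
    ("192.0.2.77", "username=" + "%C3%A9" * 60 + "&password=x"),  # 60 chars, 120 bytes
    ("192.0.2.88", "username=ok&username=" + "B" * 300),          # duplicated field
]

if __name__ == "__main__":
    for ip, count in scan(SAMPLE).items():
        print(f"{ip} oversized_username_attempts={count}")
```

Every occurrence of the field is checked because a proxy and the device may disagree on which duplicate they honor.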