Heap-based Buffer Overflow in WellinTech KingView Remote Access
CVE-2012-1831

Currently unrated

Key Information:

Vendor: Wellintech
Status: Kingview
Vendor: CVE Published:; 5 July 2012

Badges

👾 Exploit Exists🟡 Public PoC🟣 EPSS 19%

Summary

A critical heap-based buffer overflow vulnerability exists in WellinTech KingView 6.53. Attackers can exploit this flaw by sending specially crafted packets to TCP port 555, potentially enabling remote code execution. This flaw poses significant security risks to systems utilizing KingView, allowing unauthorized users to compromise system integrity and execute arbitrary code.

Exploit Proof of Concept (PoC)

PoC code is written by security researchers to demonstrate the vulnerability can be exploited. PoC code is also a key component for weaponization which could lead to ransomware.

POC-CVE-2012-1831
Created by Astrowmist

References

http://www.us-cert.gov/control_systems/pdf/ICSA-12-185-01...

x_refsource_MISC

http://www.wellintech.com/index.php/news/33-patch-for-kin...

x_refsource_CONFIRM

EPSS Score

19% chance of being exploited in the next 30 days.

Timeline

🟡
Public PoC available
Nov 26, 2024
👾
Exploit known to exist
Nov 26, 2024
Vulnerability Reserved
Oct 3, 2022
Vulnerability published
Jul 5, 2012