Buffer Overflow Vulnerability in AVTECH AVN801 DVR
CVE-2013-4980

Currently unrated

Key Information:

Vendor: Avtech
Status: Avn801 Dvr Firmware; Avn801 Dvr
Vendor: CVE Published:; 3 March 2014

What is CVE-2013-4980?

A buffer overflow vulnerability exists in the RTSP Packet Handler of the AVTECH AVN801 DVR, which affects devices running firmware version 1017-1003-1009-1003 and earlier. This flaw can be exploited by remote attackers through a specially crafted long string in the URI of an RTSP SETUP request. Successful exploitation may lead to a denial of service, causing the device to crash, and may also enable the execution of arbitrary code, posing significant security risks to systems utilizing these affected devices.

References

http://seclists.org/fulldisclosure/2013/Aug/284

mailing-listx_refsource_FULLDISC

http://www.coresecurity.com/advisories/avtech-dvr-multipl...

x_refsource_MISC

http://osvdb.org/96692

vdb-entryx_refsource_OSVDB

EPSS Score

9% chance of being exploited in the next 30 days.

Timeline

Vulnerability published
Mar 3, 2014
Vulnerability Reserved
Jul 29, 2013

Avtech

What is CVE-2013-4980?

References

EPSS Score

Timeline