Buffer Overflow Vulnerability in AVTECH AVN801 DVR
CVE-2013-4980

Currently unrated

Key Information:

Vendor

Avtech

Status
Avn801 Dvr Firmware
Avn801 Dvr
Vendor
CVE Published:
3 March 2014

What is CVE-2013-4980?

A buffer overflow vulnerability exists in the RTSP Packet Handler of the AVTECH AVN801 DVR, which affects devices running firmware version 1017-1003-1009-1003 and earlier. This flaw can be exploited by remote attackers through a specially crafted long string in the URI of an RTSP SETUP request. Successful exploitation may lead to a denial of service, causing the device to crash, and may also enable the execution of arbitrary code, posing significant security risks to systems utilizing these affected devices.

References

http://seclists.org/fulldisclosure/2013/Aug/284
mailing-listx_refsource_FULLDISC
http://www.coresecurity.com/advisories/avtech-dvr-multipl...
x_refsource_MISC
http://osvdb.org/96692
vdb-entryx_refsource_OSVDB

EPSS Score

26% chance of being exploited in the next 30 days.

Timeline

  • Vulnerability published

  • Vulnerability Reserved

JSON
.
CVE-2013-4980 : Buffer Overflow Vulnerability in AVTECH AVN801 DVR