Buffer Overflow in Lorex Edge Security Cameras – INetViewX ActiveX Control
CVE-2014-1201

Currently unrated

Key Information:

Vendor
CVE Published:
15 January 2014

What is CVE-2014-1201?

A buffer overflow vulnerability in the INetViewX ActiveX control for Lorex Edge security cameras can be exploited by remote attackers. This issue arises from improper handling of the HTTP_PORT parameter, allowing attackers to send a specially crafted long string that may lead to a denial of service event, potentially crashing the system, and may also enable arbitrary code execution. Users of Lorex Edge LH310, Edge+ LH320, Edge2 LH330, and Edge3 LH340 series should be aware of this vulnerability and consider necessary updates to mitigate risks.

References

EPSS Score

29% chance of being exploited in the next 30 days.

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.