CVE-2011-3828 - Code Injection vulnerability in Sunplus Tech DVR Remote Activex Control 2.1.0.39

Publication

2011-11-26

Last modification

2018-10-09

Summary

DVRemoteAx.ax 2.1.0.39 in the DVR Remote ActiveX control allows remote attackers to execute arbitrary code via a crafted DVRobot.dll file in a manifest directory on a web server.

Description

DVR Remote ActiveX Control is prone to a vulnerability that lets attackers execute arbitrary code. An attacker can exploit this issue by enticing a legitimate user to use the vulnerable application to open a file from a network share location that contains a specially crafted Dynamic Link Library (DLL) file. DVR Remote ActiveX Control 2.1.0.39 is vulnerable; other versions may also be affected.

Solution

Currently we are not aware of any vendor-supplied patches. If you feel we are in error or if you are aware of any more recent information, please mail us at: info@vumetric.com.

Exploit

A general exploit technique has been documented by TheLeader and H.D. Moore for the Metasploit Project; please see the references for more information.

Classification

CWE-94 - Code Injection

Risk level (CVSS AV:N/AC:M/Au:N/C:C/I:C/A:C)

High

9.3

Access Vector

  • Network

Access Complexity

  • Medium

Authentication

  • None

Confidentiality Impact

  • Complete

Integrity Impact

  • Complete

Affected Products