Vulnerabilities > CVE-2020-12763 - Out-of-bounds Write vulnerability in Trendnet Tv-Ip512Wn Firmware 1.0.4

CVSS 9.8 - CRITICAL

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

HIGH

Integrity impact

HIGH

Availability impact

HIGH

network

low complexity

trendnet

CWE-787

critical

NVD

Published: 2020-05-13

Updated: 2020-05-15

Summary

TRENDnet ProView Wireless camera TV-IP512WN 1.0R 1.0.4 is vulnerable to an unauthenticated stack-based buffer overflow in handling RTSP packets. This may result in remote code execution or denial of service. The issue is in the binary rtspd (in /sbin) when parsing a long "Authorization: Basic" RTSP header.

Vulnerable Configurations

Part	Description	Count
OS	Trendnet Trendnet TV Ip512Wn Firmware 1.0.4	1
Hardware	Trendnet Trendnet TV Ip512Wn V1.0R	1

Common Weakness Enumeration (CWE)

CWE-787 - Out-of-bounds Write

References

https://payatu.com/blog/munawwar/trendNet-wireless-camera-buffer-overflow-vulnerability