Vulnerabilities > CVE-2020-25785 - Out-of-bounds Write vulnerability in Accfly 720P Firmware 3.10.73/4.15.77

047910
CVSS 9.8 - CRITICAL
Attack vector
NETWORK
Attack complexity
LOW
Privileges required
NONE
Confidentiality impact
HIGH
Integrity impact
HIGH
Availability impact
HIGH
network
low complexity
accfly
CWE-787
critical

Summary

An issue was discovered on Accfly Wireless Security IR Camera System 720P with software versions v3.10.73 through v4.15.77. There is an unauthenticated stack-based buffer overflow in the function CFtpProtocol::FtpLogin during the update procedure.

Vulnerable Configurations

Part Description Count
OS
Accfly
2
Hardware
Accfly
1

Common Weakness Enumeration (CWE)