Vulnerabilities > CVE-2021-32941 - Out-of-bounds Write vulnerability in Annke N48Pbb Firmware 3.4.106

CVSS 9.8 - CRITICAL

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

HIGH

Integrity impact

HIGH

Availability impact

HIGH

network

low complexity

annke

CWE-787

critical

NVD

Published: 2022-05-23

Updated: 2022-06-07

Summary

Annke N48PBB (Network Video Recorder) products of version 3.4.106 build 200422 and prior are vulnerable to a stack-based buffer overflow, which allows an unauthorized remote attacker to execute arbitrary code with the same privileges as the server user (root).

Vulnerable Configurations

Part	Description	Count
OS	Annke Annke N48Pbb Firmware * Annke N48Pbb Firmware 3.4.106	3
Hardware	Annke Annke N48Pbb -	1

Common Weakness Enumeration (CWE)

CWE-787 - Out-of-bounds Write

References

https://www.cisa.gov/uscert/ics/advisories/icsa-21-238-02