Vulnerability Details CVE-2016-2356
Milesight IP security cameras through 2016-11-14 have a buffer overflow in a web application via a long username or password.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.035
EPSS Ranking 87.1%
CVSS Severity
CVSS v3 Score 9.8
CVSS v2 Score 7.5
References
- http://kirils.org/slides/2016-10-06_Milesight_initial.pdf
- https://possiblesecurity.com/news/vulnerabilities-of-milesight-ip-security-cameras/
- https://www.youtube.com/watch?v=scckkI7CAW0
- http://kirils.org/slides/2016-10-06_Milesight_initial.pdf
- https://possiblesecurity.com/news/vulnerabilities-of-milesight-ip-security-cameras/
- https://www.youtube.com/watch?v=scckkI7CAW0
Products affected by CVE-2016-2356
-
cpe:2.3:h:milesight:ip_security_camera:-
-
cpe:2.3:o:milesight:ip_security_camera_firmware:-
-
cpe:2.3:o:milesight:ip_security_camera_firmware:2016-11-14