CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2018-6407

An issue was discovered on Conceptronic CIPCAMPTIWL V3 0.61.30.21 devices. An unauthenticated attacker can crash a device by sending a POST request with a huge body size to /hy-cgi/devices.cgi?cmd=searchlandevice. The crash completely freezes the device.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.197

EPSS Ranking 95.2%

CVSS Severity

CVSS v3 Score 7.5

CVSS v2 Score 7.8

References

https://github.com/dreadlocked/ConceptronicIPCam_MultipleVulnerabilities/
https://github.com/dreadlocked/ConceptronicIPCam_MultipleVulnerabilities/

Products affected by CVE-2018-6407

Conceptronic » Cipcamptiwl » Version: 3

cpe:2.3:h:conceptronic:cipcamptiwl:3
Conceptronic » Cipcamptiwl Firmware » Version: 00.30.01.0047p3

cpe:2.3:o:conceptronic:cipcamptiwl_firmware:00.30.01.0047p3
Conceptronic » Cipcamptiwl Web Firmware » Version: 0.61.30.21

cpe:2.3:o:conceptronic:cipcamptiwl_web_firmware:0.61.30.21

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2018-6407

Products

Pricing

Contact Us