Vulnerability Details CVE-2019-11417
system.cgi on TRENDnet TV-IP110WN cameras has a buffer overflow caused by an inadequate source-length check before a strcpy operation in the respondAsp function. Attackers can exploit the vulnerability by using the languse parameter with a long string. This affects 1.2.2 build 28, 64, 65, and 68.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.005
EPSS Ranking 63.1%
CVSS Severity
CVSS v3 Score 9.8
CVSS v2 Score 7.5
References
Products affected by CVE-2019-11417
-
cpe:2.3:h:trendnet:tv-ip110wn:-
-
cpe:2.3:o:trendnet:tv-ip110wn_firmware:1.2.2.28
-
cpe:2.3:o:trendnet:tv-ip110wn_firmware:1.2.2.64
-
cpe:2.3:o:trendnet:tv-ip110wn_firmware:1.2.2.65
-
cpe:2.3:o:trendnet:tv-ip110wn_firmware:1.2.2.68