Vulnerability Details CVE-2019-14701
An issue was discovered on MicroDigital N-series cameras with firmware through 6400.0.8.5. An attacker can trigger read operations on an arbitrary file via Path Traversal in the TZ parameter, but cannot retrieve the data that is read. This causes a denial of service if the filename is, for example, /dev/random.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.006
EPSS Ranking 67.4%
CVSS Severity
CVSS v3 Score 7.5
CVSS v2 Score 5.0
References
Products affected by CVE-2019-14701
-
cpe:2.3:h:microdigital:mdc-n2190v:-
-
cpe:2.3:h:microdigital:mdc-n4090:-
-
cpe:2.3:h:microdigital:mdc-n4090w:-
-
cpe:2.3:o:microdigital:mdc-n2190v_firmware:-
-
cpe:2.3:o:microdigital:mdc-n2190v_firmware:6400.0.8.5
-
cpe:2.3:o:microdigital:mdc-n4090_firmware:-
-
cpe:2.3:o:microdigital:mdc-n4090_firmware:6400.0.8.5
-
cpe:2.3:o:microdigital:mdc-n4090w_firmware:-
-
cpe:2.3:o:microdigital:mdc-n4090w_firmware:6400.0.8.5