Vulnerability Details CVE-2019-14707
An issue was discovered on MicroDigital N-series cameras with firmware through 6400.0.8.5. The firmware update process is insecure, leading to remote code execution. The attacker can provide arbitrary firmware in a .dat file via a webparam?system&action=set&upgrade URI.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.029
EPSS Ranking 85.8%
CVSS Severity
CVSS v3 Score 7.2
CVSS v2 Score 6.5
References
Products affected by CVE-2019-14707
-
cpe:2.3:h:microdigital:mdc-n2190v:-
-
cpe:2.3:h:microdigital:mdc-n4090:-
-
cpe:2.3:h:microdigital:mdc-n4090w:-
-
cpe:2.3:o:microdigital:mdc-n2190v_firmware:-
-
cpe:2.3:o:microdigital:mdc-n2190v_firmware:6400.0.8.5
-
cpe:2.3:o:microdigital:mdc-n4090_firmware:-
-
cpe:2.3:o:microdigital:mdc-n4090_firmware:6400.0.8.5
-
cpe:2.3:o:microdigital:mdc-n4090w_firmware:-
-
cpe:2.3:o:microdigital:mdc-n4090w_firmware:6400.0.8.5