Vulnerability Details CVE-2022-3001
This vulnerability exists in Milesight Video Management Systems (VMS), all firmware versions prior to 40.7.0.79-r1, due to improper input handling at camera’s web-based management interface. A remote attacker could exploit this vulnerability by sending a specially crafted http request on the targeted network camera. Successful exploitation of this vulnerability could allow the attacker to cause a Denial of Service condition on the targeted device.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.004
EPSS Ranking 59.5%
CVSS Severity
CVSS v3 Score 7.5
References
Products affected by CVE-2022-3001
-
cpe:2.3:h:milesight:video_management_systems:-
-
cpe:2.3:o:milesight:video_management_systems_firmware:-
-
cpe:2.3:o:milesight:video_management_systems_firmware:40.7.0.79