Vulnerability Details CVE-2023-43755
Zavio CF7500, CF7300, CF7201, CF7501, CB3211, CB3212, CB5220,
CB6231, B8520, B8220, and CD321
IP Cameras
with firmware version M2.1.6.05 are
vulnerable to multiple instances of stack-based overflows. During the
processing and parsing of certain fields in XML elements from incoming
network requests, the product does not sufficiently check or validate
allocated buffer size. This may lead to remote code execution.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.008
EPSS Ranking 72.6%
CVSS Severity
CVSS v3 Score 9.8
References
Products affected by CVE-2023-43755
-
cpe:2.3:h:zavio:b8220:-
-
cpe:2.3:h:zavio:b8520:-
-
cpe:2.3:h:zavio:cb3211:-
-
cpe:2.3:h:zavio:cb3212:-
-
cpe:2.3:h:zavio:cb5220:-
-
cpe:2.3:h:zavio:cb6231:-
-
cpe:2.3:h:zavio:cd321:-
-
cpe:2.3:h:zavio:cf7201:-
-
cpe:2.3:h:zavio:cf7300:-
-
cpe:2.3:h:zavio:cf7500:-
-
cpe:2.3:h:zavio:cf7501:-
-
cpe:2.3:o:zavio:b8220_firmware:m2.1.6.05
-
cpe:2.3:o:zavio:b8520_firmware:m2.1.6.05
-
cpe:2.3:o:zavio:cb3211_firmware:m2.1.6.05
-
cpe:2.3:o:zavio:cb3212_firmware:m2.1.6.05
-
cpe:2.3:o:zavio:cb5220_firmware:m2.1.6.05
-
cpe:2.3:o:zavio:cb6231_firmware:m2.1.6.05
-
cpe:2.3:o:zavio:cd321_firmware:m2.1.6.05
-
cpe:2.3:o:zavio:cf7201_firmware:m2.1.6.05
-
cpe:2.3:o:zavio:cf7300_firmware:m2.1.6.05
-
cpe:2.3:o:zavio:cf7500_firmware:m2.1.6.05
-
cpe:2.3:o:zavio:cf7501_firmware:m2.1.6.05