Sony
by Talos
CVEs (2)
| CVE | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2018-3938 | 0.00 | — | 0.02 | Aug 14, 2018 | An exploitable stack-based buffer overflow vulnerability exists in the 802dot1xclientcert.cgi functionality of Sony IPELA E Series Camera G5 firmware 1.87.00. A specially crafted POST can cause a stack-based buffer overflow, resulting in remote code execution. An attacker can send a malicious POST request to trigger this vulnerability. | ||
| CVE-2018-3937 | 0.00 | — | 0.04 | Aug 14, 2018 | An exploitable command injection vulnerability exists in the measurementBitrateExec functionality of Sony IPELA E Series Network Camera G5 firmware 1.87.00. A specially crafted GET request can cause arbitrary commands to be executed. An attacker can send an HTTP request to trigger this vulnerability. |
- CVE-2018-3938Aug 14, 2018risk 0.00cvss —epss 0.02
An exploitable stack-based buffer overflow vulnerability exists in the 802dot1xclientcert.cgi functionality of Sony IPELA E Series Camera G5 firmware 1.87.00. A specially crafted POST can cause a stack-based buffer overflow, resulting in remote code execution. An attacker can send a malicious POST request to trigger this vulnerability.
- CVE-2018-3937Aug 14, 2018risk 0.00cvss —epss 0.04
An exploitable command injection vulnerability exists in the measurementBitrateExec functionality of Sony IPELA E Series Network Camera G5 firmware 1.87.00. A specially crafted GET request can cause arbitrary commands to be executed. An attacker can send an HTTP request to trigger this vulnerability.