CVE-2018-12670

Published Oct 19, 2018

Last updated 4 days ago

CVSS critical 9.8

Overview

Description: SV3C L-SERIES HD CAMERA V2.3.4.2103-S50-NTD-B20170508B and V2.3.4.2103-S50-NTD-B20170823B devices allow OS Command Injection.
Source: cve@mitre.org
NVD status: Modified

Risk scores

CVSS 3.0

Type: Primary
Base score: 9.8
Impact score: 5.9
Exploitability score: 3.9
Vector string: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Severity: CRITICAL

CVSS 2.0

Type: Primary
Base score: 10
Impact score: 10
Exploitability score: 10
Vector string: AV:N/AC:L/Au:N/C:C/I:C/A:C

Weaknesses

nvd@nist.gov: CWE-78

Hype score: Not currently trending

Configurations

[
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:sv3c:h.264_poe_ip_camera_firmware:v2.3.4.2103-s50-ntd-b20170508b:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "04629989-19B2-4918-8BF0-595A0D41AF15"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:sv3c:sv-b01poe-1080p-l:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "75735EC9-F77D-4631-AD88-05832AEBBDFF"
          },
          {
            "criteria": "cpe:2.3:h:sv3c:sv-b11vpoe-1080p-l:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "D34E8126-3534-4675-AC35-10108A27DF81"
          },
          {
            "criteria": "cpe:2.3:h:sv3c:sv-d02poe-1080p-l:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "14196DC9-EC58-4398-BE34-214ABCC39DE8"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:sv3c:h.264_poe_ip_camera_firmware:v2.3.4.2103-s50-ntd-b20170823b:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "217C05D7-FD38-4BF4-8CD4-6DB6D3BA208D"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:sv3c:sv-b01poe-1080p-l:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "75735EC9-F77D-4631-AD88-05832AEBBDFF"
          },
          {
            "criteria": "cpe:2.3:h:sv3c:sv-b11vpoe-1080p-l:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "D34E8126-3534-4675-AC35-10108A27DF81"
          },
          {
            "criteria": "cpe:2.3:h:sv3c:sv-d02poe-1080p-l:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "14196DC9-EC58-4398-BE34-214ABCC39DE8"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  }
]

Overview

Risk scores

CVSS 3.0

CVSS 2.0

Weaknesses

Social media

Configurations

References