漏洞信息
尽管我们使用了先进的大模型技术,但其输出仍可能包含不准确或过时的信息。神龙努力确保数据的准确性,但请您根据实际情况进行核实和判断。
Vulnerability Title
Sricam DeviceViewer 3.12.0.1 Local Buffer Overflow DEP Bypass
Vulnerability Description
Sricam DeviceViewer 3.12.0.1 contains a local buffer overflow vulnerability in the user management add user function that allows authenticated attackers to execute arbitrary code by bypassing data execution prevention. Attackers can inject a malicious payload through the Username field in User Management to trigger a stack-based buffer overflow and execute commands via ROP chain gadgets.
CVSS Information
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Vulnerability Type
栈缓冲区溢出
Vulnerability Title
Sricam DeviceViewer 安全漏洞
Vulnerability Description
Sricam DeviceViewer是中国施瑞安(Sricam)公司的一个监控视频管理软件。 Sricam DeviceViewer 3.12.0.1版本存在安全漏洞,该漏洞源于用户管理添加用户功能存在栈缓冲区溢出,可能导致经过身份验证的攻击者执行任意代码。
CVSS Information
N/A
Vulnerability Type
N/A