CVE-2020-3507— Cisco Video Surveillance 8000 Series IP Cameras Cisco Discovery Protocol Remote Code Execution and Denial of Service Vulnerabilities
Get alerts for future matching vulnerabilitiesLog in to subscribe
I. Basic Information for CVE-2020-3507
Vulnerability Information
Have questions about the vulnerability? See if Shenlong's analysis helps!
View Shenlong Deep Dive ↗ Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
Cisco Video Surveillance 8000 Series IP Cameras Cisco Discovery Protocol Remote Code Execution and Denial of Service Vulnerabilities
Source: NVD (National Vulnerability Database)
Vulnerability Description
Multiple vulnerabilities in the Cisco Discovery Protocol implementation for Cisco Video Surveillance 8000 Series IP Cameras could allow an unauthenticated, adjacent attacker to execute code remotely or cause a reload of an affected IP camera. These vulnerabilities are due to missing checks when the IP cameras process a Cisco Discovery Protocol packet. An attacker could exploit these vulnerabilities by sending a malicious Cisco Discovery Protocol packet to the targeted IP camera. A successful exploit could allow the attacker to execute code on the affected IP camera or cause it to reload unexpectedly, resulting in a denial of service (DoS) condition. Note: Cisco Discovery Protocol is a Layer 2 protocol. To exploit these vulnerabilities, an attacker must be in the same broadcast domain as the affected device (Layer 2 adjacent).
Source: NVD (National Vulnerability Database)
CVSS Information
CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Source: NVD (National Vulnerability Database)
Vulnerability Type
输入验证不恰当
Source: NVD (National Vulnerability Database)
Vulnerability Title
Cisco Video Surveillance 8000 Series IP Cameras 输入验证错误漏洞
Source: CNNVD (China National Vulnerability Database)
Vulnerability Description
Cisco Surveillance 8000 Series IP Cameras是美国思科(Cisco)公司的一个网路摄像头。 使用1.0.9-4之前版本固件的Cisco?Video Surveillance 8000 Series IP Cameras中Cisco Discovery Protocol的实现存在输入验证错误漏洞,该漏洞源于在IP摄像头处理Cisco Discovery Protocol数据包时,程序没有对其进行检查。攻击者可通过发送恶意的Cisco Discovery Protocol
Source: CNNVD (China National Vulnerability Database)
CVSS Information
N/A
Source: CNNVD (China National Vulnerability Database)
Vulnerability Type
N/A
Source: CNNVD (China National Vulnerability Database)
Affected Products
| Vendor | Product | Affected Versions | CPE | Subscribe |
|---|---|---|---|---|
| Cisco | Cisco Video Surveillance 8000 Series IP Cameras | n/a | - |
II. Public POCs for CVE-2020-3507
| # | POC Description | Source Link | Shenlong Link |
|---|
AI-Generated POCPremium
No public POC found.
Login to generate AI POCIII. Intelligence Information for CVE-2020-3507
请登录查看更多情报信息。
- https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ipcameras-rce-dos-uPyJYxN3vendor-advisoryx_refsource_CISCO
- https://nvd.nist.gov/vuln/detail/CVE-2020-3507
Same Patch Batch · Cisco · 2020-08-26 · 22 CVEs total
| CVE-2020-3506 | 8.8 HIGH | Cisco Video Surveillance 8000 Series IP Cameras Cisco Discovery Protocol Remote Code Execu |
| CVE-2020-3443 | 8.8 HIGH | Cisco Smart Software Manager On-Prem Privilege Escalation Vulnerability |
| CVE-2020-3523 | 6.5 MEDIUM | Cisco Data Center Network Manager Cross-Site Scripting Vulnerability |
| CVE-2020-3518 | 6.5 MEDIUM | Cisco Data Center Network Manager Cross-Site Scripting Vulnerability |
| CVE-2020-3505 | 6.5 MEDIUM | Cisco Video Surveillance 8000 Series IP Cameras Cisco Discovery Protocol Memory Leak Vulne |
| CVE-2020-3485 | 6.3 MEDIUM | Cisco Vision Dynamic Signage Director Role-Based Access Control Vulnerability |
| CVE-2020-3522 | 6.3 MEDIUM | Cisco Data Center Network Manager Authorization Bypass Vulnerability |
| CVE-2020-3491 | 5.5 MEDIUM | Cisco Vision Dynamic Signage Director Stored Cross-Site Scripting Vulnerability |
| CVE-2020-3520 | 5.5 MEDIUM | Cisco Data Center Network Manager Information Disclosure Vulnerability |
| CVE-2020-3484 | 5.3 MEDIUM | Cisco Vision Dynamic Signage Director Directory Traversal Information Disclosure Vulnerabi |
| CVE-2020-3521 | 5.3 MEDIUM | Cisco Data Center Network Manager Read File Path Traversal Vulnerability |
| CVE-2020-3490 | 4.9 MEDIUM | Cisco Vision Dynamic Signage Director Path Traversal Vulnerability |
| CVE-2020-3466 | Cisco DNA Center Cross-Site Scripting Vulnerabilities | |
| CVE-2020-3151 | Cisco Connected Mobile Experiences Restricted Shell Escape Vulnerability | |
| CVE-2020-3496 | Cisco Small Business Smart and Managed Switches Denial of Service Vulnerability | |
| CVE-2020-3446 | Cisco vWAAS for Cisco ENCS 5400-W Series and CSP 5000-W Series Default Credentials Vulnera | |
| CVE-2020-3440 | Cisco Webex Meetings Desktop App for Windows Arbitrary File Overwrite Vulnerability | |
| CVE-2020-3439 | Cisco Data Center Network Manager Stored Cross-Site Scripting Vulnerability | |
| CVE-2020-3519 | Cisco Data Center Network Manager Path Traversal Vulnerability | |
| CVE-2020-3389 | Cisco Hyperflex HX-Series Software Weak Storage Vulnerability |
Showing top 20 of 22 CVEs. View all on vendor page → →
IV. Related Vulnerabilities
Same product: Cisco Video Surveillance 8000 Series IP Cameras
- CVE-2021-1521
Cisco Video Surveillance 8000 Series IP Cameras Cisco Discov - CVE-2021-1131
Cisco Video Surveillance 8000 Series IP Cameras Cisco Discov - CVE-2020-3544
Cisco Video Surveillance 8000 Series IP Cameras Cisco Discov - CVE-2020-3543
Cisco Video Surveillance 8000 Series IP Cameras Cisco Discov - CVE-2020-3505
Cisco Video Surveillance 8000 Series IP Cameras Cisco Discov
Same vendor: Cisco
- CVE-2026-20219
Cisco Slido 安全漏洞 - CVE-2026-20034
Cisco Unity Connection Remote Code Execution Vulnerability - CVE-2026-20035
Cisco Unity Connection Server-Side Request Forgery Vulnerabi - CVE-2026-20167
Cisco IoT Field Network Director Remote Device Denial of Ser - CVE-2026-20169
Cisco IoT Field Network Director Command Injection Vulnerabi
Same weakness: CWE-20
V. Comments for CVE-2020-3507
No comments yet