Search

Find a vulnerability

Search criteria

    12 vulnerabilities found for mdc-n4090w by microdigital

    VAR-201908-0516

    Vulnerability from variot - Updated: 2025-01-30 20:18

    A cleartext password storage issue was discovered on MicroDigital N-series cameras with firmware through 6400.0.8.5. The file in question is /usr/local/ipsca/mipsca.db. If a camera is compromised, the attacker can gain access to passwords and abuse them to compromise further systems. MicroDigital N-series camera Vulnerabilities related to certificate and password management exist in the firmware.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. MICRODIGITAL N-series cameras is an N-series network camera from South Korean MICRODIGITAL company

    Show details on source website

    {
      "@context": {
        "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
        "affected_products": {
          "@id": "https://www.variotdbs.pl/ref/affected_products"
        },
        "configurations": {
          "@id": "https://www.variotdbs.pl/ref/configurations"
        },
        "credits": {
          "@id": "https://www.variotdbs.pl/ref/credits"
        },
        "cvss": {
          "@id": "https://www.variotdbs.pl/ref/cvss/"
        },
        "description": {
          "@id": "https://www.variotdbs.pl/ref/description/"
        },
        "exploit_availability": {
          "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
        },
        "external_ids": {
          "@id": "https://www.variotdbs.pl/ref/external_ids/"
        },
        "iot": {
          "@id": "https://www.variotdbs.pl/ref/iot/"
        },
        "iot_taxonomy": {
          "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
        },
        "patch": {
          "@id": "https://www.variotdbs.pl/ref/patch/"
        },
        "problemtype_data": {
          "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
        },
        "references": {
          "@id": "https://www.variotdbs.pl/ref/references/"
        },
        "sources": {
          "@id": "https://www.variotdbs.pl/ref/sources/"
        },
        "sources_release_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
        },
        "sources_update_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
        },
        "threat_type": {
          "@id": "https://www.variotdbs.pl/ref/threat_type/"
        },
        "title": {
          "@id": "https://www.variotdbs.pl/ref/title/"
        },
        "type": {
          "@id": "https://www.variotdbs.pl/ref/type/"
        }
      },
      "@id": "https://www.variotdbs.pl/vuln/VAR-201908-0516",
      "affected_products": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "model": "mdc-n2190v",
            "scope": "lte",
            "trust": 1.8,
            "vendor": "microdigital",
            "version": "6400.0.8.5"
          },
          {
            "model": "mdc-n4090",
            "scope": "lte",
            "trust": 1.8,
            "vendor": "microdigital",
            "version": "6400.0.8.5"
          },
          {
            "model": "mdc-n4090w",
            "scope": "lte",
            "trust": 1.8,
            "vendor": "microdigital",
            "version": "6400.0.8.5"
          },
          {
            "model": "n-series cameras",
            "scope": "lte",
            "trust": 0.6,
            "vendor": "microdigital",
            "version": "\u003c=6400.0.8.5"
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2019-42769"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-007598"
          },
          {
            "db": "NVD",
            "id": "CVE-2019-14709"
          }
        ]
      },
      "configurations": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/configurations#",
          "children": {
            "@container": "@list"
          },
          "cpe_match": {
            "@container": "@list"
          },
          "data": {
            "@container": "@list"
          },
          "nodes": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "CVE_data_version": "4.0",
            "nodes": [
              {
                "cpe_match": [
                  {
                    "cpe22Uri": "cpe:/o:microdigital:mdc-n2190v_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:microdigital:mdc-n4090_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:microdigital:mdc-n4090w_firmware",
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-007598"
          }
        ]
      },
      "cve": "CVE-2019-14709",
      "cvss": {
        "@context": {
          "cvssV2": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
          },
          "cvssV3": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
          },
          "severity": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/cvss/severity#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/severity"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "cvssV2": [
              {
                "accessComplexity": "LOW",
                "accessVector": "NETWORK",
                "authentication": "NONE",
                "author": "nvd@nist.gov",
                "availabilityImpact": "NONE",
                "baseScore": 5.0,
                "confidentialityImpact": "PARTIAL",
                "exploitabilityScore": 10.0,
                "id": "CVE-2019-14709",
                "impactScore": 2.9,
                "integrityImpact": "NONE",
                "severity": "MEDIUM",
                "trust": 1.8,
                "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
                "version": "2.0"
              },
              {
                "accessComplexity": "LOW",
                "accessVector": "NETWORK",
                "authentication": "NONE",
                "author": "CNVD",
                "availabilityImpact": "NONE",
                "baseScore": 5.0,
                "confidentialityImpact": "PARTIAL",
                "exploitabilityScore": 10.0,
                "id": "CNVD-2019-42769",
                "impactScore": 2.9,
                "integrityImpact": "NONE",
                "severity": "MEDIUM",
                "trust": 0.6,
                "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
                "version": "2.0"
              },
              {
                "accessComplexity": "LOW",
                "accessVector": "NETWORK",
                "authentication": "NONE",
                "author": "VULHUB",
                "availabilityImpact": "NONE",
                "baseScore": 5.0,
                "confidentialityImpact": "PARTIAL",
                "exploitabilityScore": 10.0,
                "id": "VHN-146682",
                "impactScore": 2.9,
                "integrityImpact": "NONE",
                "severity": "MEDIUM",
                "trust": 0.1,
                "vectorString": "AV:N/AC:L/AU:N/C:P/I:N/A:N",
                "version": "2.0"
              }
            ],
            "cvssV3": [
              {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "author": "nvd@nist.gov",
                "availabilityImpact": "HIGH",
                "baseScore": 9.8,
                "baseSeverity": "CRITICAL",
                "confidentialityImpact": "HIGH",
                "exploitabilityScore": 3.9,
                "id": "CVE-2019-14709",
                "impactScore": 5.9,
                "integrityImpact": "HIGH",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "trust": 1.8,
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.0"
              }
            ],
            "severity": [
              {
                "author": "nvd@nist.gov",
                "id": "CVE-2019-14709",
                "trust": 1.0,
                "value": "CRITICAL"
              },
              {
                "author": "NVD",
                "id": "CVE-2019-14709",
                "trust": 0.8,
                "value": "Critical"
              },
              {
                "author": "CNVD",
                "id": "CNVD-2019-42769",
                "trust": 0.6,
                "value": "MEDIUM"
              },
              {
                "author": "CNNVD",
                "id": "CNNVD-201908-465",
                "trust": 0.6,
                "value": "CRITICAL"
              },
              {
                "author": "VULHUB",
                "id": "VHN-146682",
                "trust": 0.1,
                "value": "MEDIUM"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2019-42769"
          },
          {
            "db": "VULHUB",
            "id": "VHN-146682"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-007598"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201908-465"
          },
          {
            "db": "NVD",
            "id": "CVE-2019-14709"
          }
        ]
      },
      "description": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/description#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "A cleartext password storage issue was discovered on MicroDigital N-series cameras with firmware through 6400.0.8.5. The file in question is /usr/local/ipsca/mipsca.db. If a camera is compromised, the attacker can gain access to passwords and abuse them to compromise further systems. MicroDigital N-series camera Vulnerabilities related to certificate and password management exist in the firmware.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. MICRODIGITAL N-series cameras is an N-series network camera from South Korean MICRODIGITAL company",
        "sources": [
          {
            "db": "NVD",
            "id": "CVE-2019-14709"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-007598"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2019-42769"
          },
          {
            "db": "VULHUB",
            "id": "VHN-146682"
          }
        ],
        "trust": 2.25
      },
      "external_ids": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "db": "NVD",
            "id": "CVE-2019-14709",
            "trust": 3.2
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-007598",
            "trust": 0.8
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201908-465",
            "trust": 0.7
          },
          {
            "db": "CNVD",
            "id": "CNVD-2019-42769",
            "trust": 0.6
          },
          {
            "db": "OTHER",
            "id": "NONE",
            "trust": 0.1
          },
          {
            "db": "VULHUB",
            "id": "VHN-146682",
            "trust": 0.1
          }
        ],
        "sources": [
          {
            "db": "OTHER",
            "id": null
          },
          {
            "db": "CNVD",
            "id": "CNVD-2019-42769"
          },
          {
            "db": "VULHUB",
            "id": "VHN-146682"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-007598"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201908-465"
          },
          {
            "db": "NVD",
            "id": "CVE-2019-14709"
          }
        ]
      },
      "id": "VAR-201908-0516",
      "iot": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": true,
        "sources": [
          {
            "db": "OTHER",
            "id": null
          },
          {
            "db": "CNVD",
            "id": "CNVD-2019-42769"
          },
          {
            "db": "VULHUB",
            "id": "VHN-146682"
          }
        ],
        "trust": 1.8
      },
      "iot_taxonomy": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "category": [
              "Network device"
            ],
            "sub_category": null,
            "trust": 0.6
          },
          {
            "category": [
              "camera device"
            ],
            "sub_category": "camera",
            "trust": 0.1
          }
        ],
        "sources": [
          {
            "db": "OTHER",
            "id": null
          },
          {
            "db": "CNVD",
            "id": "CNVD-2019-42769"
          }
        ]
      },
      "last_update_date": "2025-01-30T20:18:10.137000Z",
      "patch": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/patch#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "title": "Top Page (kr)",
            "trust": 0.8,
            "url": "http://www.microdigital.co.kr/"
          },
          {
            "title": "Top Page (ru)",
            "trust": 0.8,
            "url": "https://www.microdigital.ru/"
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-007598"
          }
        ]
      },
      "problemtype_data": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "problemtype": "CWE-522",
            "trust": 1.1
          },
          {
            "problemtype": "CWE-255",
            "trust": 0.9
          }
        ],
        "sources": [
          {
            "db": "VULHUB",
            "id": "VHN-146682"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-007598"
          },
          {
            "db": "NVD",
            "id": "CVE-2019-14709"
          }
        ]
      },
      "references": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/references#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "trust": 3.1,
            "url": "https://pastebin.com/psyqqs1g"
          },
          {
            "trust": 2.3,
            "url": "http://www.microdigital.co.kr/"
          },
          {
            "trust": 2.3,
            "url": "https://www.microdigital.ru/"
          },
          {
            "trust": 2.0,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2019-14709"
          },
          {
            "trust": 0.8,
            "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2019-14709"
          },
          {
            "trust": 0.1,
            "url": "https://ieeexplore.ieee.org/abstract/document/10769424"
          }
        ],
        "sources": [
          {
            "db": "OTHER",
            "id": null
          },
          {
            "db": "CNVD",
            "id": "CNVD-2019-42769"
          },
          {
            "db": "VULHUB",
            "id": "VHN-146682"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-007598"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201908-465"
          },
          {
            "db": "NVD",
            "id": "CVE-2019-14709"
          }
        ]
      },
      "sources": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "db": "OTHER",
            "id": null
          },
          {
            "db": "CNVD",
            "id": "CNVD-2019-42769"
          },
          {
            "db": "VULHUB",
            "id": "VHN-146682"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-007598"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201908-465"
          },
          {
            "db": "NVD",
            "id": "CVE-2019-14709"
          }
        ]
      },
      "sources_release_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2019-11-29T00:00:00",
            "db": "CNVD",
            "id": "CNVD-2019-42769"
          },
          {
            "date": "2019-08-06T00:00:00",
            "db": "VULHUB",
            "id": "VHN-146682"
          },
          {
            "date": "2019-08-15T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2019-007598"
          },
          {
            "date": "2019-08-06T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-201908-465"
          },
          {
            "date": "2019-08-06T23:15:12.993000",
            "db": "NVD",
            "id": "CVE-2019-14709"
          }
        ]
      },
      "sources_update_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2019-11-29T00:00:00",
            "db": "CNVD",
            "id": "CNVD-2019-42769"
          },
          {
            "date": "2020-08-24T00:00:00",
            "db": "VULHUB",
            "id": "VHN-146682"
          },
          {
            "date": "2019-08-15T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2019-007598"
          },
          {
            "date": "2020-08-25T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-201908-465"
          },
          {
            "date": "2024-11-21T04:27:11.627000",
            "db": "NVD",
            "id": "CVE-2019-14709"
          }
        ]
      },
      "threat_type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "remote",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-201908-465"
          }
        ],
        "trust": 0.6
      },
      "title": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/title#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "MicroDigital N-series cameras Trust Management Issue Vulnerability",
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2019-42769"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201908-465"
          }
        ],
        "trust": 1.2
      },
      "type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "trust management problem",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-201908-465"
          }
        ],
        "trust": 0.6
      }
    }

    VAR-201908-0511

    Vulnerability from variot - Updated: 2024-11-23 23:04

    An SSRF issue was discovered in HTTPD on MicroDigital N-series cameras with firmware through 6400.0.8.5 via FTP commands following a newline character in the uploadfile field. MicroDigital N-series camera Contains a server-side request forgery vulnerability.Information is acquired, information is falsified, and denial of service (DoS) May be in a state. MICRODIGITAL N-series cameras is an N-series network camera produced by Korea MICRODIGITAL Company. This vulnerability stems from improper design or implementation problems in the code development process of network systems or products

    Show details on source website

    {
      "@context": {
        "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
        "affected_products": {
          "@id": "https://www.variotdbs.pl/ref/affected_products"
        },
        "configurations": {
          "@id": "https://www.variotdbs.pl/ref/configurations"
        },
        "credits": {
          "@id": "https://www.variotdbs.pl/ref/credits"
        },
        "cvss": {
          "@id": "https://www.variotdbs.pl/ref/cvss/"
        },
        "description": {
          "@id": "https://www.variotdbs.pl/ref/description/"
        },
        "exploit_availability": {
          "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
        },
        "external_ids": {
          "@id": "https://www.variotdbs.pl/ref/external_ids/"
        },
        "iot": {
          "@id": "https://www.variotdbs.pl/ref/iot/"
        },
        "iot_taxonomy": {
          "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
        },
        "patch": {
          "@id": "https://www.variotdbs.pl/ref/patch/"
        },
        "problemtype_data": {
          "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
        },
        "references": {
          "@id": "https://www.variotdbs.pl/ref/references/"
        },
        "sources": {
          "@id": "https://www.variotdbs.pl/ref/sources/"
        },
        "sources_release_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
        },
        "sources_update_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
        },
        "threat_type": {
          "@id": "https://www.variotdbs.pl/ref/threat_type/"
        },
        "title": {
          "@id": "https://www.variotdbs.pl/ref/title/"
        },
        "type": {
          "@id": "https://www.variotdbs.pl/ref/type/"
        }
      },
      "@id": "https://www.variotdbs.pl/vuln/VAR-201908-0511",
      "affected_products": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "model": "mdc-n2190v",
            "scope": "lte",
            "trust": 1.8,
            "vendor": "microdigital",
            "version": "6400.0.8.5"
          },
          {
            "model": "mdc-n4090",
            "scope": "lte",
            "trust": 1.8,
            "vendor": "microdigital",
            "version": "6400.0.8.5"
          },
          {
            "model": "mdc-n4090w",
            "scope": "lte",
            "trust": 1.8,
            "vendor": "microdigital",
            "version": "6400.0.8.5"
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-007593"
          },
          {
            "db": "NVD",
            "id": "CVE-2019-14704"
          }
        ]
      },
      "configurations": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/configurations#",
          "children": {
            "@container": "@list"
          },
          "cpe_match": {
            "@container": "@list"
          },
          "data": {
            "@container": "@list"
          },
          "nodes": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "CVE_data_version": "4.0",
            "nodes": [
              {
                "cpe_match": [
                  {
                    "cpe22Uri": "cpe:/o:microdigital:mdc-n2190v_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:microdigital:mdc-n4090_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:microdigital:mdc-n4090w_firmware",
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-007593"
          }
        ]
      },
      "cve": "CVE-2019-14704",
      "cvss": {
        "@context": {
          "cvssV2": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
          },
          "cvssV3": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
          },
          "severity": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/cvss/severity#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/severity"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "cvssV2": [
              {
                "accessComplexity": "LOW",
                "accessVector": "NETWORK",
                "authentication": "NONE",
                "author": "nvd@nist.gov",
                "availabilityImpact": "PARTIAL",
                "baseScore": 7.5,
                "confidentialityImpact": "PARTIAL",
                "exploitabilityScore": 10.0,
                "id": "CVE-2019-14704",
                "impactScore": 6.4,
                "integrityImpact": "PARTIAL",
                "severity": "HIGH",
                "trust": 1.8,
                "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
                "version": "2.0"
              },
              {
                "accessComplexity": "LOW",
                "accessVector": "NETWORK",
                "authentication": "NONE",
                "author": "VULHUB",
                "availabilityImpact": "PARTIAL",
                "baseScore": 7.5,
                "confidentialityImpact": "PARTIAL",
                "exploitabilityScore": 10.0,
                "id": "VHN-146677",
                "impactScore": 6.4,
                "integrityImpact": "PARTIAL",
                "severity": "HIGH",
                "trust": 0.1,
                "vectorString": "AV:N/AC:L/AU:N/C:P/I:P/A:P",
                "version": "2.0"
              }
            ],
            "cvssV3": [
              {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "author": "nvd@nist.gov",
                "availabilityImpact": "HIGH",
                "baseScore": 9.8,
                "baseSeverity": "CRITICAL",
                "confidentialityImpact": "HIGH",
                "exploitabilityScore": 3.9,
                "id": "CVE-2019-14704",
                "impactScore": 5.9,
                "integrityImpact": "HIGH",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "trust": 1.8,
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.0"
              }
            ],
            "severity": [
              {
                "author": "nvd@nist.gov",
                "id": "CVE-2019-14704",
                "trust": 1.0,
                "value": "CRITICAL"
              },
              {
                "author": "NVD",
                "id": "CVE-2019-14704",
                "trust": 0.8,
                "value": "Critical"
              },
              {
                "author": "CNNVD",
                "id": "CNNVD-201908-457",
                "trust": 0.6,
                "value": "CRITICAL"
              },
              {
                "author": "VULHUB",
                "id": "VHN-146677",
                "trust": 0.1,
                "value": "HIGH"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "VULHUB",
            "id": "VHN-146677"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-007593"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201908-457"
          },
          {
            "db": "NVD",
            "id": "CVE-2019-14704"
          }
        ]
      },
      "description": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/description#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "An SSRF issue was discovered in HTTPD on MicroDigital N-series cameras with firmware through 6400.0.8.5 via FTP commands following a newline character in the uploadfile field. MicroDigital N-series camera Contains a server-side request forgery vulnerability.Information is acquired, information is falsified, and denial of service (DoS) May be in a state. MICRODIGITAL N-series cameras is an N-series network camera produced by Korea MICRODIGITAL Company. This vulnerability stems from improper design or implementation problems in the code development process of network systems or products",
        "sources": [
          {
            "db": "NVD",
            "id": "CVE-2019-14704"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-007593"
          },
          {
            "db": "VULHUB",
            "id": "VHN-146677"
          }
        ],
        "trust": 1.71
      },
      "external_ids": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "db": "NVD",
            "id": "CVE-2019-14704",
            "trust": 2.5
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-007593",
            "trust": 0.8
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201908-457",
            "trust": 0.7
          },
          {
            "db": "VULHUB",
            "id": "VHN-146677",
            "trust": 0.1
          }
        ],
        "sources": [
          {
            "db": "VULHUB",
            "id": "VHN-146677"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-007593"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201908-457"
          },
          {
            "db": "NVD",
            "id": "CVE-2019-14704"
          }
        ]
      },
      "id": "VAR-201908-0511",
      "iot": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": true,
        "sources": [
          {
            "db": "VULHUB",
            "id": "VHN-146677"
          }
        ],
        "trust": 0.01
      },
      "last_update_date": "2024-11-23T23:04:43.985000Z",
      "patch": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/patch#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "title": "Top Page (kr)",
            "trust": 0.8,
            "url": "http://www.microdigital.co.kr/"
          },
          {
            "title": "Top Page (ru)",
            "trust": 0.8,
            "url": "https://www.microdigital.ru/"
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-007593"
          }
        ]
      },
      "problemtype_data": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "problemtype": "CWE-918",
            "trust": 1.9
          }
        ],
        "sources": [
          {
            "db": "VULHUB",
            "id": "VHN-146677"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-007593"
          },
          {
            "db": "NVD",
            "id": "CVE-2019-14704"
          }
        ]
      },
      "references": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/references#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "trust": 2.5,
            "url": "https://pastebin.com/psyqqs1g"
          },
          {
            "trust": 1.7,
            "url": "http://www.microdigital.co.kr/"
          },
          {
            "trust": 1.7,
            "url": "https://www.microdigital.ru/"
          },
          {
            "trust": 1.4,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2019-14704"
          },
          {
            "trust": 0.8,
            "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2019-14704"
          }
        ],
        "sources": [
          {
            "db": "VULHUB",
            "id": "VHN-146677"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-007593"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201908-457"
          },
          {
            "db": "NVD",
            "id": "CVE-2019-14704"
          }
        ]
      },
      "sources": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "db": "VULHUB",
            "id": "VHN-146677"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-007593"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201908-457"
          },
          {
            "db": "NVD",
            "id": "CVE-2019-14704"
          }
        ]
      },
      "sources_release_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2019-08-06T00:00:00",
            "db": "VULHUB",
            "id": "VHN-146677"
          },
          {
            "date": "2019-08-15T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2019-007593"
          },
          {
            "date": "2019-08-06T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-201908-457"
          },
          {
            "date": "2019-08-06T23:15:12.633000",
            "db": "NVD",
            "id": "CVE-2019-14704"
          }
        ]
      },
      "sources_update_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2019-08-14T00:00:00",
            "db": "VULHUB",
            "id": "VHN-146677"
          },
          {
            "date": "2019-08-15T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2019-007593"
          },
          {
            "date": "2019-08-30T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-201908-457"
          },
          {
            "date": "2024-11-21T04:27:10.923000",
            "db": "NVD",
            "id": "CVE-2019-14704"
          }
        ]
      },
      "threat_type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "remote",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-201908-457"
          }
        ],
        "trust": 0.6
      },
      "title": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/title#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "MicroDigital N-series camera Firmware vulnerabilities in server-side request forgery",
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-007593"
          }
        ],
        "trust": 0.8
      },
      "type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "code problem",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-201908-457"
          }
        ],
        "trust": 0.6
      }
    }

    VAR-201908-0507

    Vulnerability from variot - Updated: 2024-11-23 22:58

    An issue was discovered on MicroDigital N-series cameras with firmware through 6400.0.8.5. There is disclosure of the existence of arbitrary files via Path Traversal in HTTPD. This occurs because the filename specified in the TZ parameter is accessed with a substantial delay if that file exists. MicroDigital N-series camera Contains a path traversal vulnerability.Information may be obtained. MicroDigital N-series cameras is an N-series network camera from South Korean MicroDigital company. An attacker could use this vulnerability to access locations outside the restricted directory. The vulnerability stems from a network system or product that fails to properly filter resources or special elements in file paths

    Show details on source website

    {
      "@context": {
        "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
        "affected_products": {
          "@id": "https://www.variotdbs.pl/ref/affected_products"
        },
        "configurations": {
          "@id": "https://www.variotdbs.pl/ref/configurations"
        },
        "credits": {
          "@id": "https://www.variotdbs.pl/ref/credits"
        },
        "cvss": {
          "@id": "https://www.variotdbs.pl/ref/cvss/"
        },
        "description": {
          "@id": "https://www.variotdbs.pl/ref/description/"
        },
        "exploit_availability": {
          "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
        },
        "external_ids": {
          "@id": "https://www.variotdbs.pl/ref/external_ids/"
        },
        "iot": {
          "@id": "https://www.variotdbs.pl/ref/iot/"
        },
        "iot_taxonomy": {
          "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
        },
        "patch": {
          "@id": "https://www.variotdbs.pl/ref/patch/"
        },
        "problemtype_data": {
          "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
        },
        "references": {
          "@id": "https://www.variotdbs.pl/ref/references/"
        },
        "sources": {
          "@id": "https://www.variotdbs.pl/ref/sources/"
        },
        "sources_release_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
        },
        "sources_update_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
        },
        "threat_type": {
          "@id": "https://www.variotdbs.pl/ref/threat_type/"
        },
        "title": {
          "@id": "https://www.variotdbs.pl/ref/title/"
        },
        "type": {
          "@id": "https://www.variotdbs.pl/ref/type/"
        }
      },
      "@id": "https://www.variotdbs.pl/vuln/VAR-201908-0507",
      "affected_products": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "model": "mdc-n2190v",
            "scope": "lte",
            "trust": 1.8,
            "vendor": "microdigital",
            "version": "6400.0.8.5"
          },
          {
            "model": "mdc-n4090",
            "scope": "lte",
            "trust": 1.8,
            "vendor": "microdigital",
            "version": "6400.0.8.5"
          },
          {
            "model": "mdc-n4090w",
            "scope": "lte",
            "trust": 1.8,
            "vendor": "microdigital",
            "version": "6400.0.8.5"
          },
          {
            "model": "n-series cameras",
            "scope": "lte",
            "trust": 0.6,
            "vendor": "microdigital",
            "version": "\u003c=6400.0.8.5"
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2019-33865"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-007512"
          },
          {
            "db": "NVD",
            "id": "CVE-2019-14700"
          }
        ]
      },
      "configurations": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/configurations#",
          "children": {
            "@container": "@list"
          },
          "cpe_match": {
            "@container": "@list"
          },
          "data": {
            "@container": "@list"
          },
          "nodes": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "CVE_data_version": "4.0",
            "nodes": [
              {
                "cpe_match": [
                  {
                    "cpe22Uri": "cpe:/o:microdigital:mdc-n2190v_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:microdigital:mdc-n4090_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:microdigital:mdc-n4090w_firmware",
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-007512"
          }
        ]
      },
      "cve": "CVE-2019-14700",
      "cvss": {
        "@context": {
          "cvssV2": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
          },
          "cvssV3": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
          },
          "severity": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/cvss/severity#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/severity"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "cvssV2": [
              {
                "accessComplexity": "LOW",
                "accessVector": "NETWORK",
                "authentication": "NONE",
                "author": "nvd@nist.gov",
                "availabilityImpact": "NONE",
                "baseScore": 5.0,
                "confidentialityImpact": "PARTIAL",
                "exploitabilityScore": 10.0,
                "id": "CVE-2019-14700",
                "impactScore": 2.9,
                "integrityImpact": "NONE",
                "severity": "MEDIUM",
                "trust": 1.8,
                "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
                "version": "2.0"
              },
              {
                "accessComplexity": "LOW",
                "accessVector": "NETWORK",
                "authentication": "NONE",
                "author": "CNVD",
                "availabilityImpact": "NONE",
                "baseScore": 5.0,
                "confidentialityImpact": "PARTIAL",
                "exploitabilityScore": 10.0,
                "id": "CNVD-2019-33865",
                "impactScore": 2.9,
                "integrityImpact": "NONE",
                "severity": "MEDIUM",
                "trust": 0.6,
                "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
                "version": "2.0"
              },
              {
                "accessComplexity": "LOW",
                "accessVector": "NETWORK",
                "authentication": "NONE",
                "author": "VULHUB",
                "availabilityImpact": "NONE",
                "baseScore": 5.0,
                "confidentialityImpact": "PARTIAL",
                "exploitabilityScore": 10.0,
                "id": "VHN-146673",
                "impactScore": 2.9,
                "integrityImpact": "NONE",
                "severity": "MEDIUM",
                "trust": 0.1,
                "vectorString": "AV:N/AC:L/AU:N/C:P/I:N/A:N",
                "version": "2.0"
              }
            ],
            "cvssV3": [
              {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "author": "nvd@nist.gov",
                "availabilityImpact": "NONE",
                "baseScore": 7.5,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "HIGH",
                "exploitabilityScore": 3.9,
                "id": "CVE-2019-14700",
                "impactScore": 3.6,
                "integrityImpact": "NONE",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "trust": 1.8,
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
                "version": "3.0"
              }
            ],
            "severity": [
              {
                "author": "nvd@nist.gov",
                "id": "CVE-2019-14700",
                "trust": 1.0,
                "value": "HIGH"
              },
              {
                "author": "NVD",
                "id": "CVE-2019-14700",
                "trust": 0.8,
                "value": "High"
              },
              {
                "author": "CNVD",
                "id": "CNVD-2019-33865",
                "trust": 0.6,
                "value": "MEDIUM"
              },
              {
                "author": "CNNVD",
                "id": "CNNVD-201908-453",
                "trust": 0.6,
                "value": "HIGH"
              },
              {
                "author": "VULHUB",
                "id": "VHN-146673",
                "trust": 0.1,
                "value": "MEDIUM"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2019-33865"
          },
          {
            "db": "VULHUB",
            "id": "VHN-146673"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-007512"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201908-453"
          },
          {
            "db": "NVD",
            "id": "CVE-2019-14700"
          }
        ]
      },
      "description": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/description#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "An issue was discovered on MicroDigital N-series cameras with firmware through 6400.0.8.5. There is disclosure of the existence of arbitrary files via Path Traversal in HTTPD. This occurs because the filename specified in the TZ parameter is accessed with a substantial delay if that file exists. MicroDigital N-series camera Contains a path traversal vulnerability.Information may be obtained. MicroDigital N-series cameras is an N-series network camera from South Korean MicroDigital company. An attacker could use this vulnerability to access locations outside the restricted directory. The vulnerability stems from a network system or product that fails to properly filter resources or special elements in file paths",
        "sources": [
          {
            "db": "NVD",
            "id": "CVE-2019-14700"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-007512"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2019-33865"
          },
          {
            "db": "VULHUB",
            "id": "VHN-146673"
          }
        ],
        "trust": 2.25
      },
      "external_ids": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "db": "NVD",
            "id": "CVE-2019-14700",
            "trust": 3.1
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-007512",
            "trust": 0.8
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201908-453",
            "trust": 0.7
          },
          {
            "db": "CNVD",
            "id": "CNVD-2019-33865",
            "trust": 0.6
          },
          {
            "db": "VULHUB",
            "id": "VHN-146673",
            "trust": 0.1
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2019-33865"
          },
          {
            "db": "VULHUB",
            "id": "VHN-146673"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-007512"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201908-453"
          },
          {
            "db": "NVD",
            "id": "CVE-2019-14700"
          }
        ]
      },
      "id": "VAR-201908-0507",
      "iot": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": true,
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2019-33865"
          },
          {
            "db": "VULHUB",
            "id": "VHN-146673"
          }
        ],
        "trust": 1.7
      },
      "iot_taxonomy": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "category": [
              "IoT"
            ],
            "sub_category": null,
            "trust": 0.6
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2019-33865"
          }
        ]
      },
      "last_update_date": "2024-11-23T22:58:37.045000Z",
      "patch": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/patch#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "title": "Top Page (kr)",
            "trust": 0.8,
            "url": "http://www.microdigital.co.kr/"
          },
          {
            "title": "Top Page (ru)",
            "trust": 0.8,
            "url": "https://www.microdigital.ru/"
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-007512"
          }
        ]
      },
      "problemtype_data": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "problemtype": "CWE-22",
            "trust": 1.9
          }
        ],
        "sources": [
          {
            "db": "VULHUB",
            "id": "VHN-146673"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-007512"
          },
          {
            "db": "NVD",
            "id": "CVE-2019-14700"
          }
        ]
      },
      "references": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/references#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "trust": 2.5,
            "url": "https://pastebin.com/psyqqs1g"
          },
          {
            "trust": 2.0,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2019-14700"
          },
          {
            "trust": 1.7,
            "url": "http://www.microdigital.co.kr/"
          },
          {
            "trust": 1.7,
            "url": "https://www.microdigital.ru/"
          },
          {
            "trust": 0.8,
            "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2019-14700"
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2019-33865"
          },
          {
            "db": "VULHUB",
            "id": "VHN-146673"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-007512"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201908-453"
          },
          {
            "db": "NVD",
            "id": "CVE-2019-14700"
          }
        ]
      },
      "sources": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "db": "CNVD",
            "id": "CNVD-2019-33865"
          },
          {
            "db": "VULHUB",
            "id": "VHN-146673"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-007512"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201908-453"
          },
          {
            "db": "NVD",
            "id": "CVE-2019-14700"
          }
        ]
      },
      "sources_release_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2019-09-30T00:00:00",
            "db": "CNVD",
            "id": "CNVD-2019-33865"
          },
          {
            "date": "2019-08-06T00:00:00",
            "db": "VULHUB",
            "id": "VHN-146673"
          },
          {
            "date": "2019-08-14T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2019-007512"
          },
          {
            "date": "2019-08-06T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-201908-453"
          },
          {
            "date": "2019-08-06T23:15:12.290000",
            "db": "NVD",
            "id": "CVE-2019-14700"
          }
        ]
      },
      "sources_update_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2019-09-30T00:00:00",
            "db": "CNVD",
            "id": "CNVD-2019-33865"
          },
          {
            "date": "2019-08-13T00:00:00",
            "db": "VULHUB",
            "id": "VHN-146673"
          },
          {
            "date": "2019-08-14T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2019-007512"
          },
          {
            "date": "2019-08-30T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-201908-453"
          },
          {
            "date": "2024-11-21T04:27:10.347000",
            "db": "NVD",
            "id": "CVE-2019-14700"
          }
        ]
      },
      "threat_type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "remote",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-201908-453"
          }
        ],
        "trust": 0.6
      },
      "title": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/title#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "MicroDigital N-series camera Path traversal vulnerability in some firmware",
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-007512"
          }
        ],
        "trust": 0.8
      },
      "type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "path traversal",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-201908-453"
          }
        ],
        "trust": 0.6
      }
    }

    VAR-201908-0512

    Vulnerability from variot - Updated: 2024-11-23 22:48

    An Incorrect Access Control issue was discovered on MicroDigital N-series cameras with firmware through 6400.0.8.5 because any valid cookie can be used to make requests as an admin. MicroDigital N-series camera There is an access control vulnerability in the firmware.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. MicroDigital N-series cameras is an N-series network camera from South Korean MicroDigital company.

    MicroDigital N-series cameras have an access control error vulnerability. No detailed vulnerability details are provided at this time. This vulnerability stems from network systems or products not properly restricting access to resources from unauthorized roles

    Show details on source website

    {
      "@context": {
        "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
        "affected_products": {
          "@id": "https://www.variotdbs.pl/ref/affected_products"
        },
        "configurations": {
          "@id": "https://www.variotdbs.pl/ref/configurations"
        },
        "credits": {
          "@id": "https://www.variotdbs.pl/ref/credits"
        },
        "cvss": {
          "@id": "https://www.variotdbs.pl/ref/cvss/"
        },
        "description": {
          "@id": "https://www.variotdbs.pl/ref/description/"
        },
        "exploit_availability": {
          "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
        },
        "external_ids": {
          "@id": "https://www.variotdbs.pl/ref/external_ids/"
        },
        "iot": {
          "@id": "https://www.variotdbs.pl/ref/iot/"
        },
        "iot_taxonomy": {
          "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
        },
        "patch": {
          "@id": "https://www.variotdbs.pl/ref/patch/"
        },
        "problemtype_data": {
          "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
        },
        "references": {
          "@id": "https://www.variotdbs.pl/ref/references/"
        },
        "sources": {
          "@id": "https://www.variotdbs.pl/ref/sources/"
        },
        "sources_release_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
        },
        "sources_update_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
        },
        "threat_type": {
          "@id": "https://www.variotdbs.pl/ref/threat_type/"
        },
        "title": {
          "@id": "https://www.variotdbs.pl/ref/title/"
        },
        "type": {
          "@id": "https://www.variotdbs.pl/ref/type/"
        }
      },
      "@id": "https://www.variotdbs.pl/vuln/VAR-201908-0512",
      "affected_products": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "model": "mdc-n2190v",
            "scope": "lte",
            "trust": 1.8,
            "vendor": "microdigital",
            "version": "6400.0.8.5"
          },
          {
            "model": "mdc-n4090",
            "scope": "lte",
            "trust": 1.8,
            "vendor": "microdigital",
            "version": "6400.0.8.5"
          },
          {
            "model": "mdc-n4090w",
            "scope": "lte",
            "trust": 1.8,
            "vendor": "microdigital",
            "version": "6400.0.8.5"
          },
          {
            "model": "n-series cameras",
            "scope": "lte",
            "trust": 0.6,
            "vendor": "microdigital",
            "version": "\u003c=6400.0.8.5"
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2019-33869"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-007594"
          },
          {
            "db": "NVD",
            "id": "CVE-2019-14705"
          }
        ]
      },
      "configurations": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/configurations#",
          "children": {
            "@container": "@list"
          },
          "cpe_match": {
            "@container": "@list"
          },
          "data": {
            "@container": "@list"
          },
          "nodes": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "CVE_data_version": "4.0",
            "nodes": [
              {
                "cpe_match": [
                  {
                    "cpe22Uri": "cpe:/o:microdigital:mdc-n2190v_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:microdigital:mdc-n4090_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:microdigital:mdc-n4090w_firmware",
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-007594"
          }
        ]
      },
      "cve": "CVE-2019-14705",
      "cvss": {
        "@context": {
          "cvssV2": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
          },
          "cvssV3": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
          },
          "severity": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/cvss/severity#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/severity"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "cvssV2": [
              {
                "accessComplexity": "LOW",
                "accessVector": "NETWORK",
                "authentication": "SINGLE",
                "author": "nvd@nist.gov",
                "availabilityImpact": "PARTIAL",
                "baseScore": 6.5,
                "confidentialityImpact": "PARTIAL",
                "exploitabilityScore": 8.0,
                "id": "CVE-2019-14705",
                "impactScore": 6.4,
                "integrityImpact": "PARTIAL",
                "severity": "MEDIUM",
                "trust": 1.8,
                "vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P",
                "version": "2.0"
              },
              {
                "accessComplexity": "LOW",
                "accessVector": "NETWORK",
                "authentication": "SINGLE",
                "author": "CNVD",
                "availabilityImpact": "PARTIAL",
                "baseScore": 6.5,
                "confidentialityImpact": "PARTIAL",
                "exploitabilityScore": 8.0,
                "id": "CNVD-2019-33869",
                "impactScore": 6.4,
                "integrityImpact": "PARTIAL",
                "severity": "MEDIUM",
                "trust": 0.6,
                "vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P",
                "version": "2.0"
              },
              {
                "accessComplexity": "LOW",
                "accessVector": "NETWORK",
                "authentication": "SINGLE",
                "author": "VULHUB",
                "availabilityImpact": "PARTIAL",
                "baseScore": 6.5,
                "confidentialityImpact": "PARTIAL",
                "exploitabilityScore": 8.0,
                "id": "VHN-146678",
                "impactScore": 6.4,
                "integrityImpact": "PARTIAL",
                "severity": "MEDIUM",
                "trust": 0.1,
                "vectorString": "AV:N/AC:L/AU:S/C:P/I:P/A:P",
                "version": "2.0"
              }
            ],
            "cvssV3": [
              {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "author": "nvd@nist.gov",
                "availabilityImpact": "HIGH",
                "baseScore": 7.2,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "HIGH",
                "exploitabilityScore": 1.2,
                "id": "CVE-2019-14705",
                "impactScore": 5.9,
                "integrityImpact": "HIGH",
                "privilegesRequired": "HIGH",
                "scope": "UNCHANGED",
                "trust": 1.8,
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.0"
              }
            ],
            "severity": [
              {
                "author": "nvd@nist.gov",
                "id": "CVE-2019-14705",
                "trust": 1.0,
                "value": "HIGH"
              },
              {
                "author": "NVD",
                "id": "CVE-2019-14705",
                "trust": 0.8,
                "value": "High"
              },
              {
                "author": "CNVD",
                "id": "CNVD-2019-33869",
                "trust": 0.6,
                "value": "MEDIUM"
              },
              {
                "author": "CNNVD",
                "id": "CNNVD-201908-458",
                "trust": 0.6,
                "value": "HIGH"
              },
              {
                "author": "VULHUB",
                "id": "VHN-146678",
                "trust": 0.1,
                "value": "MEDIUM"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2019-33869"
          },
          {
            "db": "VULHUB",
            "id": "VHN-146678"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-007594"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201908-458"
          },
          {
            "db": "NVD",
            "id": "CVE-2019-14705"
          }
        ]
      },
      "description": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/description#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "An Incorrect Access Control issue was discovered on MicroDigital N-series cameras with firmware through 6400.0.8.5 because any valid cookie can be used to make requests as an admin. MicroDigital N-series camera There is an access control vulnerability in the firmware.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. MicroDigital N-series cameras is an N-series network camera from South Korean MicroDigital company. \n\nMicroDigital N-series cameras have an access control error vulnerability. No detailed vulnerability details are provided at this time. This vulnerability stems from network systems or products not properly restricting access to resources from unauthorized roles",
        "sources": [
          {
            "db": "NVD",
            "id": "CVE-2019-14705"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-007594"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2019-33869"
          },
          {
            "db": "VULHUB",
            "id": "VHN-146678"
          }
        ],
        "trust": 2.25
      },
      "external_ids": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "db": "NVD",
            "id": "CVE-2019-14705",
            "trust": 3.1
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-007594",
            "trust": 0.8
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201908-458",
            "trust": 0.7
          },
          {
            "db": "CNVD",
            "id": "CNVD-2019-33869",
            "trust": 0.6
          },
          {
            "db": "VULHUB",
            "id": "VHN-146678",
            "trust": 0.1
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2019-33869"
          },
          {
            "db": "VULHUB",
            "id": "VHN-146678"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-007594"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201908-458"
          },
          {
            "db": "NVD",
            "id": "CVE-2019-14705"
          }
        ]
      },
      "id": "VAR-201908-0512",
      "iot": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": true,
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2019-33869"
          },
          {
            "db": "VULHUB",
            "id": "VHN-146678"
          }
        ],
        "trust": 1.7
      },
      "iot_taxonomy": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "category": [
              "IoT"
            ],
            "sub_category": null,
            "trust": 0.6
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2019-33869"
          }
        ]
      },
      "last_update_date": "2024-11-23T22:48:20.369000Z",
      "patch": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/patch#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "title": "Top Page (kr)",
            "trust": 0.8,
            "url": "http://www.microdigital.co.kr/"
          },
          {
            "title": "Top Page (ru)",
            "trust": 0.8,
            "url": "https://www.microdigital.ru/"
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-007594"
          }
        ]
      },
      "problemtype_data": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "problemtype": "CWE-287",
            "trust": 1.1
          },
          {
            "problemtype": "CWE-284",
            "trust": 0.9
          }
        ],
        "sources": [
          {
            "db": "VULHUB",
            "id": "VHN-146678"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-007594"
          },
          {
            "db": "NVD",
            "id": "CVE-2019-14705"
          }
        ]
      },
      "references": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/references#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "trust": 2.5,
            "url": "https://pastebin.com/psyqqs1g"
          },
          {
            "trust": 2.0,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2019-14705"
          },
          {
            "trust": 1.7,
            "url": "http://www.microdigital.co.kr/"
          },
          {
            "trust": 1.7,
            "url": "https://www.microdigital.ru/"
          },
          {
            "trust": 0.8,
            "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2019-14705"
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2019-33869"
          },
          {
            "db": "VULHUB",
            "id": "VHN-146678"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-007594"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201908-458"
          },
          {
            "db": "NVD",
            "id": "CVE-2019-14705"
          }
        ]
      },
      "sources": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "db": "CNVD",
            "id": "CNVD-2019-33869"
          },
          {
            "db": "VULHUB",
            "id": "VHN-146678"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-007594"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201908-458"
          },
          {
            "db": "NVD",
            "id": "CVE-2019-14705"
          }
        ]
      },
      "sources_release_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2019-09-30T00:00:00",
            "db": "CNVD",
            "id": "CNVD-2019-33869"
          },
          {
            "date": "2019-08-06T00:00:00",
            "db": "VULHUB",
            "id": "VHN-146678"
          },
          {
            "date": "2019-08-15T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2019-007594"
          },
          {
            "date": "2019-08-06T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-201908-458"
          },
          {
            "date": "2019-08-06T23:15:12.697000",
            "db": "NVD",
            "id": "CVE-2019-14705"
          }
        ]
      },
      "sources_update_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2019-09-30T00:00:00",
            "db": "CNVD",
            "id": "CNVD-2019-33869"
          },
          {
            "date": "2020-08-24T00:00:00",
            "db": "VULHUB",
            "id": "VHN-146678"
          },
          {
            "date": "2019-08-15T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2019-007594"
          },
          {
            "date": "2020-10-28T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-201908-458"
          },
          {
            "date": "2024-11-21T04:27:11.063000",
            "db": "NVD",
            "id": "CVE-2019-14705"
          }
        ]
      },
      "threat_type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "remote",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-201908-458"
          }
        ],
        "trust": 0.6
      },
      "title": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/title#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "MicroDigital N-series camera Vulnerabilities related to access control in firmware",
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-007594"
          }
        ],
        "trust": 0.8
      },
      "type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "authorization issue",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-201908-458"
          }
        ],
        "trust": 0.6
      }
    }

    VAR-201908-0506

    Vulnerability from variot - Updated: 2024-11-23 22:44

    An issue was discovered on MicroDigital N-series cameras with firmware through 6400.0.8.5. An attacker can exploit OS Command Injection in the filename parameter for remote code execution as root. This occurs in the Mainproc executable file, which can be run from the HTTPD web server. MicroDigital N-series camera The firmware of OS A command injection vulnerability exists.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. MicroDigital N-series cameras is an N-series network camera from South Korean MicroDigital company.

    MicroDigital N-series cameras have an operating system command injection vulnerability. An attacker could use this vulnerability to execute illegal operating system commands. The vulnerability stems from the fact that the network system or product does not correctly filter special characters, commands, etc. in the process of constructing executable commands of the operating system from external input data

    Show details on source website

    {
      "@context": {
        "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
        "affected_products": {
          "@id": "https://www.variotdbs.pl/ref/affected_products"
        },
        "configurations": {
          "@id": "https://www.variotdbs.pl/ref/configurations"
        },
        "credits": {
          "@id": "https://www.variotdbs.pl/ref/credits"
        },
        "cvss": {
          "@id": "https://www.variotdbs.pl/ref/cvss/"
        },
        "description": {
          "@id": "https://www.variotdbs.pl/ref/description/"
        },
        "exploit_availability": {
          "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
        },
        "external_ids": {
          "@id": "https://www.variotdbs.pl/ref/external_ids/"
        },
        "iot": {
          "@id": "https://www.variotdbs.pl/ref/iot/"
        },
        "iot_taxonomy": {
          "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
        },
        "patch": {
          "@id": "https://www.variotdbs.pl/ref/patch/"
        },
        "problemtype_data": {
          "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
        },
        "references": {
          "@id": "https://www.variotdbs.pl/ref/references/"
        },
        "sources": {
          "@id": "https://www.variotdbs.pl/ref/sources/"
        },
        "sources_release_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
        },
        "sources_update_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
        },
        "threat_type": {
          "@id": "https://www.variotdbs.pl/ref/threat_type/"
        },
        "title": {
          "@id": "https://www.variotdbs.pl/ref/title/"
        },
        "type": {
          "@id": "https://www.variotdbs.pl/ref/type/"
        }
      },
      "@id": "https://www.variotdbs.pl/vuln/VAR-201908-0506",
      "affected_products": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "model": "mdc-n2190v",
            "scope": "lte",
            "trust": 1.8,
            "vendor": "microdigital",
            "version": "6400.0.8.5"
          },
          {
            "model": "mdc-n4090",
            "scope": "lte",
            "trust": 1.8,
            "vendor": "microdigital",
            "version": "6400.0.8.5"
          },
          {
            "model": "mdc-n4090w",
            "scope": "lte",
            "trust": 1.8,
            "vendor": "microdigital",
            "version": "6400.0.8.5"
          },
          {
            "model": "n-series cameras",
            "scope": "lte",
            "trust": 0.6,
            "vendor": "microdigital",
            "version": "\u003c=6400.0.8.5"
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2019-33860"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-007511"
          },
          {
            "db": "NVD",
            "id": "CVE-2019-14699"
          }
        ]
      },
      "configurations": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/configurations#",
          "children": {
            "@container": "@list"
          },
          "cpe_match": {
            "@container": "@list"
          },
          "data": {
            "@container": "@list"
          },
          "nodes": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "CVE_data_version": "4.0",
            "nodes": [
              {
                "cpe_match": [
                  {
                    "cpe22Uri": "cpe:/o:microdigital:mdc-n2190v_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:microdigital:mdc-n4090_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:microdigital:mdc-n4090w_firmware",
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-007511"
          }
        ]
      },
      "cve": "CVE-2019-14699",
      "cvss": {
        "@context": {
          "cvssV2": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
          },
          "cvssV3": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
          },
          "severity": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/cvss/severity#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/severity"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "cvssV2": [
              {
                "accessComplexity": "LOW",
                "accessVector": "NETWORK",
                "authentication": "NONE",
                "author": "nvd@nist.gov",
                "availabilityImpact": "COMPLETE",
                "baseScore": 10.0,
                "confidentialityImpact": "COMPLETE",
                "exploitabilityScore": 10.0,
                "id": "CVE-2019-14699",
                "impactScore": 10.0,
                "integrityImpact": "COMPLETE",
                "severity": "HIGH",
                "trust": 1.8,
                "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
                "version": "2.0"
              },
              {
                "accessComplexity": "LOW",
                "accessVector": "NETWORK",
                "authentication": "NONE",
                "author": "CNVD",
                "availabilityImpact": "COMPLETE",
                "baseScore": 10.0,
                "confidentialityImpact": "COMPLETE",
                "exploitabilityScore": 10.0,
                "id": "CNVD-2019-33860",
                "impactScore": 10.0,
                "integrityImpact": "COMPLETE",
                "severity": "HIGH",
                "trust": 0.6,
                "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
                "version": "2.0"
              },
              {
                "accessComplexity": "LOW",
                "accessVector": "NETWORK",
                "authentication": "NONE",
                "author": "VULHUB",
                "availabilityImpact": "COMPLETE",
                "baseScore": 10.0,
                "confidentialityImpact": "COMPLETE",
                "exploitabilityScore": 10.0,
                "id": "VHN-146671",
                "impactScore": 10.0,
                "integrityImpact": "COMPLETE",
                "severity": "HIGH",
                "trust": 0.1,
                "vectorString": "AV:N/AC:L/AU:N/C:C/I:C/A:C",
                "version": "2.0"
              }
            ],
            "cvssV3": [
              {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "author": "nvd@nist.gov",
                "availabilityImpact": "HIGH",
                "baseScore": 9.8,
                "baseSeverity": "CRITICAL",
                "confidentialityImpact": "HIGH",
                "exploitabilityScore": 3.9,
                "id": "CVE-2019-14699",
                "impactScore": 5.9,
                "integrityImpact": "HIGH",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "trust": 1.8,
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.0"
              }
            ],
            "severity": [
              {
                "author": "nvd@nist.gov",
                "id": "CVE-2019-14699",
                "trust": 1.0,
                "value": "CRITICAL"
              },
              {
                "author": "NVD",
                "id": "CVE-2019-14699",
                "trust": 0.8,
                "value": "Critical"
              },
              {
                "author": "CNVD",
                "id": "CNVD-2019-33860",
                "trust": 0.6,
                "value": "HIGH"
              },
              {
                "author": "CNNVD",
                "id": "CNNVD-201908-452",
                "trust": 0.6,
                "value": "CRITICAL"
              },
              {
                "author": "VULHUB",
                "id": "VHN-146671",
                "trust": 0.1,
                "value": "HIGH"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2019-33860"
          },
          {
            "db": "VULHUB",
            "id": "VHN-146671"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-007511"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201908-452"
          },
          {
            "db": "NVD",
            "id": "CVE-2019-14699"
          }
        ]
      },
      "description": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/description#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "An issue was discovered on MicroDigital N-series cameras with firmware through 6400.0.8.5. An attacker can exploit OS Command Injection in the filename parameter for remote code execution as root. This occurs in the Mainproc executable file, which can be run from the HTTPD web server. MicroDigital N-series camera The firmware of OS A command injection vulnerability exists.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. MicroDigital N-series cameras is an N-series network camera from South Korean MicroDigital company. \n\nMicroDigital N-series cameras have an operating system command injection vulnerability. An attacker could use this vulnerability to execute illegal operating system commands. The vulnerability stems from the fact that the network system or product does not correctly filter special characters, commands, etc. in the process of constructing executable commands of the operating system from external input data",
        "sources": [
          {
            "db": "NVD",
            "id": "CVE-2019-14699"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-007511"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2019-33860"
          },
          {
            "db": "VULHUB",
            "id": "VHN-146671"
          }
        ],
        "trust": 2.25
      },
      "external_ids": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "db": "NVD",
            "id": "CVE-2019-14699",
            "trust": 3.1
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-007511",
            "trust": 0.8
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201908-452",
            "trust": 0.7
          },
          {
            "db": "CNVD",
            "id": "CNVD-2019-33860",
            "trust": 0.6
          },
          {
            "db": "VULHUB",
            "id": "VHN-146671",
            "trust": 0.1
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2019-33860"
          },
          {
            "db": "VULHUB",
            "id": "VHN-146671"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-007511"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201908-452"
          },
          {
            "db": "NVD",
            "id": "CVE-2019-14699"
          }
        ]
      },
      "id": "VAR-201908-0506",
      "iot": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": true,
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2019-33860"
          },
          {
            "db": "VULHUB",
            "id": "VHN-146671"
          }
        ],
        "trust": 1.7
      },
      "iot_taxonomy": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "category": [
              "IoT"
            ],
            "sub_category": null,
            "trust": 0.6
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2019-33860"
          }
        ]
      },
      "last_update_date": "2024-11-23T22:44:55.831000Z",
      "patch": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/patch#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "title": "Top Page (kr)",
            "trust": 0.8,
            "url": "http://www.microdigital.co.kr/"
          },
          {
            "title": "Top Page (ru)",
            "trust": 0.8,
            "url": "https://www.microdigital.ru/"
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-007511"
          }
        ]
      },
      "problemtype_data": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "problemtype": "CWE-78",
            "trust": 1.9
          }
        ],
        "sources": [
          {
            "db": "VULHUB",
            "id": "VHN-146671"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-007511"
          },
          {
            "db": "NVD",
            "id": "CVE-2019-14699"
          }
        ]
      },
      "references": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/references#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "trust": 2.5,
            "url": "https://pastebin.com/psyqqs1g"
          },
          {
            "trust": 2.0,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2019-14699"
          },
          {
            "trust": 1.7,
            "url": "http://www.microdigital.co.kr/"
          },
          {
            "trust": 1.7,
            "url": "https://www.microdigital.ru/"
          },
          {
            "trust": 0.8,
            "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2019-14699"
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2019-33860"
          },
          {
            "db": "VULHUB",
            "id": "VHN-146671"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-007511"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201908-452"
          },
          {
            "db": "NVD",
            "id": "CVE-2019-14699"
          }
        ]
      },
      "sources": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "db": "CNVD",
            "id": "CNVD-2019-33860"
          },
          {
            "db": "VULHUB",
            "id": "VHN-146671"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-007511"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201908-452"
          },
          {
            "db": "NVD",
            "id": "CVE-2019-14699"
          }
        ]
      },
      "sources_release_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2019-09-30T00:00:00",
            "db": "CNVD",
            "id": "CNVD-2019-33860"
          },
          {
            "date": "2019-08-06T00:00:00",
            "db": "VULHUB",
            "id": "VHN-146671"
          },
          {
            "date": "2019-08-14T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2019-007511"
          },
          {
            "date": "2019-08-06T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-201908-452"
          },
          {
            "date": "2019-08-06T23:15:12.227000",
            "db": "NVD",
            "id": "CVE-2019-14699"
          }
        ]
      },
      "sources_update_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2019-09-30T00:00:00",
            "db": "CNVD",
            "id": "CNVD-2019-33860"
          },
          {
            "date": "2019-08-13T00:00:00",
            "db": "VULHUB",
            "id": "VHN-146671"
          },
          {
            "date": "2019-08-14T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2019-007511"
          },
          {
            "date": "2019-08-30T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-201908-452"
          },
          {
            "date": "2024-11-21T04:27:10.190000",
            "db": "NVD",
            "id": "CVE-2019-14699"
          }
        ]
      },
      "threat_type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "remote",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-201908-452"
          }
        ],
        "trust": 0.6
      },
      "title": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/title#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "MicroDigital N-series camera In the firmware  OS Command injection vulnerability",
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-007511"
          }
        ],
        "trust": 0.8
      },
      "type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "operating system commend injection",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-201908-452"
          }
        ],
        "trust": 0.6
      }
    }

    VAR-201908-0509

    Vulnerability from variot - Updated: 2024-11-23 22:41

    An issue was discovered on MicroDigital N-series cameras with firmware through 6400.0.8.5. SQL injection vulnerabilities exist in 13 forms that are reachable through HTTPD. An attacker can, for example, create an admin account. MicroDigital N-series camera The firmware of SQL An injection vulnerability exists.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. MicroDigital N-series cameras is an N-series network camera from South Korean MicroDigital company.

    MicroDigital N-series cameras have a SQL injection vulnerability. An attacker could use this vulnerability to execute illegal SQL commands. The vulnerability stems from the lack of verification of externally input SQL statements in database-based applications

    Show details on source website

    {
      "@context": {
        "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
        "affected_products": {
          "@id": "https://www.variotdbs.pl/ref/affected_products"
        },
        "configurations": {
          "@id": "https://www.variotdbs.pl/ref/configurations"
        },
        "credits": {
          "@id": "https://www.variotdbs.pl/ref/credits"
        },
        "cvss": {
          "@id": "https://www.variotdbs.pl/ref/cvss/"
        },
        "description": {
          "@id": "https://www.variotdbs.pl/ref/description/"
        },
        "exploit_availability": {
          "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
        },
        "external_ids": {
          "@id": "https://www.variotdbs.pl/ref/external_ids/"
        },
        "iot": {
          "@id": "https://www.variotdbs.pl/ref/iot/"
        },
        "iot_taxonomy": {
          "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
        },
        "patch": {
          "@id": "https://www.variotdbs.pl/ref/patch/"
        },
        "problemtype_data": {
          "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
        },
        "references": {
          "@id": "https://www.variotdbs.pl/ref/references/"
        },
        "sources": {
          "@id": "https://www.variotdbs.pl/ref/sources/"
        },
        "sources_release_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
        },
        "sources_update_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
        },
        "threat_type": {
          "@id": "https://www.variotdbs.pl/ref/threat_type/"
        },
        "title": {
          "@id": "https://www.variotdbs.pl/ref/title/"
        },
        "type": {
          "@id": "https://www.variotdbs.pl/ref/type/"
        }
      },
      "@id": "https://www.variotdbs.pl/vuln/VAR-201908-0509",
      "affected_products": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "model": "mdc-n2190v",
            "scope": "lte",
            "trust": 1.8,
            "vendor": "microdigital",
            "version": "6400.0.8.5"
          },
          {
            "model": "mdc-n4090",
            "scope": "lte",
            "trust": 1.8,
            "vendor": "microdigital",
            "version": "6400.0.8.5"
          },
          {
            "model": "mdc-n4090w",
            "scope": "lte",
            "trust": 1.8,
            "vendor": "microdigital",
            "version": "6400.0.8.5"
          },
          {
            "model": "n-series cameras",
            "scope": "lte",
            "trust": 0.6,
            "vendor": "microdigital",
            "version": "\u003c=6400.0.8.5"
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2019-33864"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-007508"
          },
          {
            "db": "NVD",
            "id": "CVE-2019-14702"
          }
        ]
      },
      "configurations": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/configurations#",
          "children": {
            "@container": "@list"
          },
          "cpe_match": {
            "@container": "@list"
          },
          "data": {
            "@container": "@list"
          },
          "nodes": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "CVE_data_version": "4.0",
            "nodes": [
              {
                "cpe_match": [
                  {
                    "cpe22Uri": "cpe:/o:microdigital:mdc-n2190v_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:microdigital:mdc-n4090_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:microdigital:mdc-n4090w_firmware",
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-007508"
          }
        ]
      },
      "cve": "CVE-2019-14702",
      "cvss": {
        "@context": {
          "cvssV2": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
          },
          "cvssV3": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
          },
          "severity": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/cvss/severity#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/severity"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "cvssV2": [
              {
                "accessComplexity": "LOW",
                "accessVector": "NETWORK",
                "authentication": "NONE",
                "author": "nvd@nist.gov",
                "availabilityImpact": "PARTIAL",
                "baseScore": 7.5,
                "confidentialityImpact": "PARTIAL",
                "exploitabilityScore": 10.0,
                "id": "CVE-2019-14702",
                "impactScore": 6.4,
                "integrityImpact": "PARTIAL",
                "severity": "HIGH",
                "trust": 1.8,
                "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
                "version": "2.0"
              },
              {
                "accessComplexity": "LOW",
                "accessVector": "NETWORK",
                "authentication": "NONE",
                "author": "CNVD",
                "availabilityImpact": "PARTIAL",
                "baseScore": 7.5,
                "confidentialityImpact": "PARTIAL",
                "exploitabilityScore": 10.0,
                "id": "CNVD-2019-33864",
                "impactScore": 6.4,
                "integrityImpact": "PARTIAL",
                "severity": "HIGH",
                "trust": 0.6,
                "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
                "version": "2.0"
              },
              {
                "accessComplexity": "LOW",
                "accessVector": "NETWORK",
                "authentication": "NONE",
                "author": "VULHUB",
                "availabilityImpact": "PARTIAL",
                "baseScore": 7.5,
                "confidentialityImpact": "PARTIAL",
                "exploitabilityScore": 10.0,
                "id": "VHN-146675",
                "impactScore": 6.4,
                "integrityImpact": "PARTIAL",
                "severity": "HIGH",
                "trust": 0.1,
                "vectorString": "AV:N/AC:L/AU:N/C:P/I:P/A:P",
                "version": "2.0"
              }
            ],
            "cvssV3": [
              {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "author": "nvd@nist.gov",
                "availabilityImpact": "HIGH",
                "baseScore": 9.8,
                "baseSeverity": "CRITICAL",
                "confidentialityImpact": "HIGH",
                "exploitabilityScore": 3.9,
                "id": "CVE-2019-14702",
                "impactScore": 5.9,
                "integrityImpact": "HIGH",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "trust": 1.8,
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.0"
              }
            ],
            "severity": [
              {
                "author": "nvd@nist.gov",
                "id": "CVE-2019-14702",
                "trust": 1.0,
                "value": "CRITICAL"
              },
              {
                "author": "NVD",
                "id": "CVE-2019-14702",
                "trust": 0.8,
                "value": "Critical"
              },
              {
                "author": "CNVD",
                "id": "CNVD-2019-33864",
                "trust": 0.6,
                "value": "HIGH"
              },
              {
                "author": "CNNVD",
                "id": "CNNVD-201908-455",
                "trust": 0.6,
                "value": "CRITICAL"
              },
              {
                "author": "VULHUB",
                "id": "VHN-146675",
                "trust": 0.1,
                "value": "HIGH"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2019-33864"
          },
          {
            "db": "VULHUB",
            "id": "VHN-146675"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-007508"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201908-455"
          },
          {
            "db": "NVD",
            "id": "CVE-2019-14702"
          }
        ]
      },
      "description": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/description#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "An issue was discovered on MicroDigital N-series cameras with firmware through 6400.0.8.5. SQL injection vulnerabilities exist in 13 forms that are reachable through HTTPD. An attacker can, for example, create an admin account. MicroDigital N-series camera The firmware of SQL An injection vulnerability exists.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. MicroDigital N-series cameras is an N-series network camera from South Korean MicroDigital company. \n\nMicroDigital N-series cameras have a SQL injection vulnerability. An attacker could use this vulnerability to execute illegal SQL commands. The vulnerability stems from the lack of verification of externally input SQL statements in database-based applications",
        "sources": [
          {
            "db": "NVD",
            "id": "CVE-2019-14702"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-007508"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2019-33864"
          },
          {
            "db": "VULHUB",
            "id": "VHN-146675"
          }
        ],
        "trust": 2.25
      },
      "external_ids": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "db": "NVD",
            "id": "CVE-2019-14702",
            "trust": 3.1
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-007508",
            "trust": 0.8
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201908-455",
            "trust": 0.7
          },
          {
            "db": "CNVD",
            "id": "CNVD-2019-33864",
            "trust": 0.6
          },
          {
            "db": "VULHUB",
            "id": "VHN-146675",
            "trust": 0.1
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2019-33864"
          },
          {
            "db": "VULHUB",
            "id": "VHN-146675"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-007508"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201908-455"
          },
          {
            "db": "NVD",
            "id": "CVE-2019-14702"
          }
        ]
      },
      "id": "VAR-201908-0509",
      "iot": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": true,
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2019-33864"
          },
          {
            "db": "VULHUB",
            "id": "VHN-146675"
          }
        ],
        "trust": 1.7
      },
      "iot_taxonomy": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "category": [
              "IoT"
            ],
            "sub_category": null,
            "trust": 0.6
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2019-33864"
          }
        ]
      },
      "last_update_date": "2024-11-23T22:41:22.784000Z",
      "patch": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/patch#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "title": "Top Page (kr)",
            "trust": 0.8,
            "url": "http://www.microdigital.co.kr/"
          },
          {
            "title": "Top Page (ru)",
            "trust": 0.8,
            "url": "https://www.microdigital.ru/"
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-007508"
          }
        ]
      },
      "problemtype_data": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "problemtype": "CWE-89",
            "trust": 1.9
          }
        ],
        "sources": [
          {
            "db": "VULHUB",
            "id": "VHN-146675"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-007508"
          },
          {
            "db": "NVD",
            "id": "CVE-2019-14702"
          }
        ]
      },
      "references": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/references#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "trust": 2.5,
            "url": "https://pastebin.com/psyqqs1g"
          },
          {
            "trust": 2.0,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2019-14702"
          },
          {
            "trust": 1.7,
            "url": "http://www.microdigital.co.kr/"
          },
          {
            "trust": 1.7,
            "url": "https://www.microdigital.ru/"
          },
          {
            "trust": 0.8,
            "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2019-14702"
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2019-33864"
          },
          {
            "db": "VULHUB",
            "id": "VHN-146675"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-007508"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201908-455"
          },
          {
            "db": "NVD",
            "id": "CVE-2019-14702"
          }
        ]
      },
      "sources": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "db": "CNVD",
            "id": "CNVD-2019-33864"
          },
          {
            "db": "VULHUB",
            "id": "VHN-146675"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-007508"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201908-455"
          },
          {
            "db": "NVD",
            "id": "CVE-2019-14702"
          }
        ]
      },
      "sources_release_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2019-09-30T00:00:00",
            "db": "CNVD",
            "id": "CNVD-2019-33864"
          },
          {
            "date": "2019-08-06T00:00:00",
            "db": "VULHUB",
            "id": "VHN-146675"
          },
          {
            "date": "2019-08-14T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2019-007508"
          },
          {
            "date": "2019-08-06T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-201908-455"
          },
          {
            "date": "2019-08-06T23:15:12.430000",
            "db": "NVD",
            "id": "CVE-2019-14702"
          }
        ]
      },
      "sources_update_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2019-09-30T00:00:00",
            "db": "CNVD",
            "id": "CNVD-2019-33864"
          },
          {
            "date": "2019-08-13T00:00:00",
            "db": "VULHUB",
            "id": "VHN-146675"
          },
          {
            "date": "2019-08-14T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2019-007508"
          },
          {
            "date": "2019-08-30T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-201908-455"
          },
          {
            "date": "2024-11-21T04:27:10.630000",
            "db": "NVD",
            "id": "CVE-2019-14702"
          }
        ]
      },
      "threat_type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "remote",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-201908-455"
          }
        ],
        "trust": 0.6
      },
      "title": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/title#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "MicroDigital N-series cameras SQL injection vulnerability",
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2019-33864"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201908-455"
          }
        ],
        "trust": 1.2
      },
      "type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "SQL injection",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-201908-455"
          }
        ],
        "trust": 0.6
      }
    }

    VAR-201908-0505

    Vulnerability from variot - Updated: 2024-11-23 22:33

    An issue was discovered on MicroDigital N-series cameras with firmware through 6400.0.8.5. In a CGI program running under the HTTPD web server, a buffer overflow in the param parameter leads to remote code execution in the context of the nobody account. MicroDigital N-series camera Contains a buffer error vulnerability.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. MICRODIGITAL N-series cameras is an N-series network camera produced by Korea MICRODIGITAL Company. A buffer error vulnerability exists in the 'param' parameter in MICRODIGITAL N-series cameras using firmware 6400.0.8.5 and earlier. This vulnerability stems from the incorrect verification of data boundaries when the network system or product performs operations on the memory, resulting in incorrect read and write operations to other associated memory locations. Attackers can exploit this vulnerability to cause buffer overflow or heap overflow, etc

    Show details on source website

    {
      "@context": {
        "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
        "affected_products": {
          "@id": "https://www.variotdbs.pl/ref/affected_products"
        },
        "configurations": {
          "@id": "https://www.variotdbs.pl/ref/configurations"
        },
        "credits": {
          "@id": "https://www.variotdbs.pl/ref/credits"
        },
        "cvss": {
          "@id": "https://www.variotdbs.pl/ref/cvss/"
        },
        "description": {
          "@id": "https://www.variotdbs.pl/ref/description/"
        },
        "exploit_availability": {
          "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
        },
        "external_ids": {
          "@id": "https://www.variotdbs.pl/ref/external_ids/"
        },
        "iot": {
          "@id": "https://www.variotdbs.pl/ref/iot/"
        },
        "iot_taxonomy": {
          "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
        },
        "patch": {
          "@id": "https://www.variotdbs.pl/ref/patch/"
        },
        "problemtype_data": {
          "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
        },
        "references": {
          "@id": "https://www.variotdbs.pl/ref/references/"
        },
        "sources": {
          "@id": "https://www.variotdbs.pl/ref/sources/"
        },
        "sources_release_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
        },
        "sources_update_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
        },
        "threat_type": {
          "@id": "https://www.variotdbs.pl/ref/threat_type/"
        },
        "title": {
          "@id": "https://www.variotdbs.pl/ref/title/"
        },
        "type": {
          "@id": "https://www.variotdbs.pl/ref/type/"
        }
      },
      "@id": "https://www.variotdbs.pl/vuln/VAR-201908-0505",
      "affected_products": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "model": "mdc-n2190v",
            "scope": "lte",
            "trust": 1.8,
            "vendor": "microdigital",
            "version": "6400.0.8.5"
          },
          {
            "model": "mdc-n4090",
            "scope": "lte",
            "trust": 1.8,
            "vendor": "microdigital",
            "version": "6400.0.8.5"
          },
          {
            "model": "mdc-n4090w",
            "scope": "lte",
            "trust": 1.8,
            "vendor": "microdigital",
            "version": "6400.0.8.5"
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-007510"
          },
          {
            "db": "NVD",
            "id": "CVE-2019-14698"
          }
        ]
      },
      "configurations": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/configurations#",
          "children": {
            "@container": "@list"
          },
          "cpe_match": {
            "@container": "@list"
          },
          "data": {
            "@container": "@list"
          },
          "nodes": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "CVE_data_version": "4.0",
            "nodes": [
              {
                "cpe_match": [
                  {
                    "cpe22Uri": "cpe:/o:microdigital:mdc-n2190v_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:microdigital:mdc-n4090_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:microdigital:mdc-n4090w_firmware",
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-007510"
          }
        ]
      },
      "cve": "CVE-2019-14698",
      "cvss": {
        "@context": {
          "cvssV2": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
          },
          "cvssV3": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
          },
          "severity": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/cvss/severity#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/severity"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "cvssV2": [
              {
                "accessComplexity": "LOW",
                "accessVector": "NETWORK",
                "authentication": "NONE",
                "author": "nvd@nist.gov",
                "availabilityImpact": "PARTIAL",
                "baseScore": 7.5,
                "confidentialityImpact": "PARTIAL",
                "exploitabilityScore": 10.0,
                "id": "CVE-2019-14698",
                "impactScore": 6.4,
                "integrityImpact": "PARTIAL",
                "severity": "HIGH",
                "trust": 1.9,
                "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
                "version": "2.0"
              },
              {
                "accessComplexity": "LOW",
                "accessVector": "NETWORK",
                "authentication": "NONE",
                "author": "VULHUB",
                "availabilityImpact": "PARTIAL",
                "baseScore": 7.5,
                "confidentialityImpact": "PARTIAL",
                "exploitabilityScore": 10.0,
                "id": "VHN-146670",
                "impactScore": 6.4,
                "integrityImpact": "PARTIAL",
                "severity": "HIGH",
                "trust": 0.1,
                "vectorString": "AV:N/AC:L/AU:N/C:P/I:P/A:P",
                "version": "2.0"
              }
            ],
            "cvssV3": [
              {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "author": "nvd@nist.gov",
                "availabilityImpact": "HIGH",
                "baseScore": 9.8,
                "baseSeverity": "CRITICAL",
                "confidentialityImpact": "HIGH",
                "exploitabilityScore": 3.9,
                "id": "CVE-2019-14698",
                "impactScore": 5.9,
                "integrityImpact": "HIGH",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "trust": 1.8,
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.0"
              }
            ],
            "severity": [
              {
                "author": "nvd@nist.gov",
                "id": "CVE-2019-14698",
                "trust": 1.0,
                "value": "CRITICAL"
              },
              {
                "author": "NVD",
                "id": "CVE-2019-14698",
                "trust": 0.8,
                "value": "Critical"
              },
              {
                "author": "CNNVD",
                "id": "CNNVD-201908-451",
                "trust": 0.6,
                "value": "CRITICAL"
              },
              {
                "author": "VULHUB",
                "id": "VHN-146670",
                "trust": 0.1,
                "value": "HIGH"
              },
              {
                "author": "VULMON",
                "id": "CVE-2019-14698",
                "trust": 0.1,
                "value": "HIGH"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "VULHUB",
            "id": "VHN-146670"
          },
          {
            "db": "VULMON",
            "id": "CVE-2019-14698"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-007510"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201908-451"
          },
          {
            "db": "NVD",
            "id": "CVE-2019-14698"
          }
        ]
      },
      "description": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/description#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "An issue was discovered on MicroDigital N-series cameras with firmware through 6400.0.8.5. In a CGI program running under the HTTPD web server, a buffer overflow in the param parameter leads to remote code execution in the context of the nobody account. MicroDigital N-series camera Contains a buffer error vulnerability.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. MICRODIGITAL N-series cameras is an N-series network camera produced by Korea MICRODIGITAL Company. A buffer error vulnerability exists in the \u0027param\u0027 parameter in MICRODIGITAL N-series cameras using firmware 6400.0.8.5 and earlier. This vulnerability stems from the incorrect verification of data boundaries when the network system or product performs operations on the memory, resulting in incorrect read and write operations to other associated memory locations. Attackers can exploit this vulnerability to cause buffer overflow or heap overflow, etc",
        "sources": [
          {
            "db": "NVD",
            "id": "CVE-2019-14698"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-007510"
          },
          {
            "db": "VULHUB",
            "id": "VHN-146670"
          },
          {
            "db": "VULMON",
            "id": "CVE-2019-14698"
          }
        ],
        "trust": 1.8
      },
      "external_ids": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "db": "NVD",
            "id": "CVE-2019-14698",
            "trust": 2.6
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-007510",
            "trust": 0.8
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201908-451",
            "trust": 0.7
          },
          {
            "db": "VULHUB",
            "id": "VHN-146670",
            "trust": 0.1
          },
          {
            "db": "VULMON",
            "id": "CVE-2019-14698",
            "trust": 0.1
          }
        ],
        "sources": [
          {
            "db": "VULHUB",
            "id": "VHN-146670"
          },
          {
            "db": "VULMON",
            "id": "CVE-2019-14698"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-007510"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201908-451"
          },
          {
            "db": "NVD",
            "id": "CVE-2019-14698"
          }
        ]
      },
      "id": "VAR-201908-0505",
      "iot": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": true,
        "sources": [
          {
            "db": "VULHUB",
            "id": "VHN-146670"
          }
        ],
        "trust": 0.01
      },
      "last_update_date": "2024-11-23T22:33:48.171000Z",
      "patch": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/patch#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "title": "Top Page (kr)",
            "trust": 0.8,
            "url": "http://www.microdigital.co.kr/"
          },
          {
            "title": "Top Page (ru)",
            "trust": 0.8,
            "url": "https://www.microdigital.ru/"
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-007510"
          }
        ]
      },
      "problemtype_data": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "problemtype": "CWE-119",
            "trust": 1.9
          }
        ],
        "sources": [
          {
            "db": "VULHUB",
            "id": "VHN-146670"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-007510"
          },
          {
            "db": "NVD",
            "id": "CVE-2019-14698"
          }
        ]
      },
      "references": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/references#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "trust": 2.6,
            "url": "https://pastebin.com/psyqqs1g"
          },
          {
            "trust": 1.8,
            "url": "http://www.microdigital.co.kr/"
          },
          {
            "trust": 1.8,
            "url": "https://www.microdigital.ru/"
          },
          {
            "trust": 1.4,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2019-14698"
          },
          {
            "trust": 0.8,
            "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2019-14698"
          },
          {
            "trust": 0.1,
            "url": "https://cwe.mitre.org/data/definitions/119.html"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov"
          },
          {
            "trust": 0.1,
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/165079"
          }
        ],
        "sources": [
          {
            "db": "VULHUB",
            "id": "VHN-146670"
          },
          {
            "db": "VULMON",
            "id": "CVE-2019-14698"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-007510"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201908-451"
          },
          {
            "db": "NVD",
            "id": "CVE-2019-14698"
          }
        ]
      },
      "sources": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "db": "VULHUB",
            "id": "VHN-146670"
          },
          {
            "db": "VULMON",
            "id": "CVE-2019-14698"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-007510"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201908-451"
          },
          {
            "db": "NVD",
            "id": "CVE-2019-14698"
          }
        ]
      },
      "sources_release_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2019-08-06T00:00:00",
            "db": "VULHUB",
            "id": "VHN-146670"
          },
          {
            "date": "2019-08-06T00:00:00",
            "db": "VULMON",
            "id": "CVE-2019-14698"
          },
          {
            "date": "2019-08-14T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2019-007510"
          },
          {
            "date": "2019-08-06T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-201908-451"
          },
          {
            "date": "2019-08-06T23:15:12.133000",
            "db": "NVD",
            "id": "CVE-2019-14698"
          }
        ]
      },
      "sources_update_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2019-08-13T00:00:00",
            "db": "VULHUB",
            "id": "VHN-146670"
          },
          {
            "date": "2019-08-13T00:00:00",
            "db": "VULMON",
            "id": "CVE-2019-14698"
          },
          {
            "date": "2019-08-14T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2019-007510"
          },
          {
            "date": "2019-08-30T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-201908-451"
          },
          {
            "date": "2024-11-21T04:27:10.023000",
            "db": "NVD",
            "id": "CVE-2019-14698"
          }
        ]
      },
      "threat_type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "remote",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-201908-451"
          }
        ],
        "trust": 0.6
      },
      "title": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/title#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "MicroDigital N-series camera Buffer error vulnerability in some firmware",
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-007510"
          }
        ],
        "trust": 0.8
      },
      "type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "buffer error",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-201908-451"
          }
        ],
        "trust": 0.6
      }
    }

    VAR-201908-0515

    Vulnerability from variot - Updated: 2024-11-23 22:29

    An issue was discovered on MicroDigital N-series cameras with firmware through 6400.0.8.5. A buffer overflow in the action parameter leads to remote code execution in the context of the nobody account. MicroDigital N-series camera Contains a buffer error vulnerability.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. MicroDigital N-series cameras is an N-series network camera from South Korean MicroDigital company.

    MicroDigital N-series cameras have a buffer overflow vulnerability

    Show details on source website

    {
      "@context": {
        "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
        "affected_products": {
          "@id": "https://www.variotdbs.pl/ref/affected_products"
        },
        "configurations": {
          "@id": "https://www.variotdbs.pl/ref/configurations"
        },
        "credits": {
          "@id": "https://www.variotdbs.pl/ref/credits"
        },
        "cvss": {
          "@id": "https://www.variotdbs.pl/ref/cvss/"
        },
        "description": {
          "@id": "https://www.variotdbs.pl/ref/description/"
        },
        "exploit_availability": {
          "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
        },
        "external_ids": {
          "@id": "https://www.variotdbs.pl/ref/external_ids/"
        },
        "iot": {
          "@id": "https://www.variotdbs.pl/ref/iot/"
        },
        "iot_taxonomy": {
          "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
        },
        "patch": {
          "@id": "https://www.variotdbs.pl/ref/patch/"
        },
        "problemtype_data": {
          "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
        },
        "references": {
          "@id": "https://www.variotdbs.pl/ref/references/"
        },
        "sources": {
          "@id": "https://www.variotdbs.pl/ref/sources/"
        },
        "sources_release_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
        },
        "sources_update_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
        },
        "threat_type": {
          "@id": "https://www.variotdbs.pl/ref/threat_type/"
        },
        "title": {
          "@id": "https://www.variotdbs.pl/ref/title/"
        },
        "type": {
          "@id": "https://www.variotdbs.pl/ref/type/"
        }
      },
      "@id": "https://www.variotdbs.pl/vuln/VAR-201908-0515",
      "affected_products": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "model": "mdc-n2190v",
            "scope": "lte",
            "trust": 1.8,
            "vendor": "microdigital",
            "version": "6400.0.8.5"
          },
          {
            "model": "mdc-n4090",
            "scope": "lte",
            "trust": 1.8,
            "vendor": "microdigital",
            "version": "6400.0.8.5"
          },
          {
            "model": "mdc-n4090w",
            "scope": "lte",
            "trust": 1.8,
            "vendor": "microdigital",
            "version": "6400.0.8.5"
          },
          {
            "model": "n-series cameras",
            "scope": "lte",
            "trust": 0.6,
            "vendor": "microdigital",
            "version": "\u003c=6400.0.8.5"
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2019-33866"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-007597"
          },
          {
            "db": "NVD",
            "id": "CVE-2019-14708"
          }
        ]
      },
      "configurations": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/configurations#",
          "children": {
            "@container": "@list"
          },
          "cpe_match": {
            "@container": "@list"
          },
          "data": {
            "@container": "@list"
          },
          "nodes": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "CVE_data_version": "4.0",
            "nodes": [
              {
                "cpe_match": [
                  {
                    "cpe22Uri": "cpe:/o:microdigital:mdc-n2190v_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:microdigital:mdc-n4090_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:microdigital:mdc-n4090w_firmware",
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-007597"
          }
        ]
      },
      "cve": "CVE-2019-14708",
      "cvss": {
        "@context": {
          "cvssV2": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
          },
          "cvssV3": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
          },
          "severity": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/cvss/severity#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/severity"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "cvssV2": [
              {
                "accessComplexity": "LOW",
                "accessVector": "NETWORK",
                "authentication": "NONE",
                "author": "nvd@nist.gov",
                "availabilityImpact": "PARTIAL",
                "baseScore": 7.5,
                "confidentialityImpact": "PARTIAL",
                "exploitabilityScore": 10.0,
                "id": "CVE-2019-14708",
                "impactScore": 6.4,
                "integrityImpact": "PARTIAL",
                "severity": "HIGH",
                "trust": 1.8,
                "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
                "version": "2.0"
              },
              {
                "accessComplexity": "LOW",
                "accessVector": "NETWORK",
                "authentication": "NONE",
                "author": "CNVD",
                "availabilityImpact": "PARTIAL",
                "baseScore": 7.5,
                "confidentialityImpact": "PARTIAL",
                "exploitabilityScore": 10.0,
                "id": "CNVD-2019-33866",
                "impactScore": 6.4,
                "integrityImpact": "PARTIAL",
                "severity": "HIGH",
                "trust": 0.6,
                "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
                "version": "2.0"
              },
              {
                "accessComplexity": "LOW",
                "accessVector": "NETWORK",
                "authentication": "NONE",
                "author": "VULHUB",
                "availabilityImpact": "PARTIAL",
                "baseScore": 7.5,
                "confidentialityImpact": "PARTIAL",
                "exploitabilityScore": 10.0,
                "id": "VHN-146681",
                "impactScore": 6.4,
                "integrityImpact": "PARTIAL",
                "severity": "HIGH",
                "trust": 0.1,
                "vectorString": "AV:N/AC:L/AU:N/C:P/I:P/A:P",
                "version": "2.0"
              }
            ],
            "cvssV3": [
              {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "author": "nvd@nist.gov",
                "availabilityImpact": "HIGH",
                "baseScore": 9.8,
                "baseSeverity": "CRITICAL",
                "confidentialityImpact": "HIGH",
                "exploitabilityScore": 3.9,
                "id": "CVE-2019-14708",
                "impactScore": 5.9,
                "integrityImpact": "HIGH",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "trust": 1.8,
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.0"
              }
            ],
            "severity": [
              {
                "author": "nvd@nist.gov",
                "id": "CVE-2019-14708",
                "trust": 1.0,
                "value": "CRITICAL"
              },
              {
                "author": "NVD",
                "id": "CVE-2019-14708",
                "trust": 0.8,
                "value": "Critical"
              },
              {
                "author": "CNVD",
                "id": "CNVD-2019-33866",
                "trust": 0.6,
                "value": "HIGH"
              },
              {
                "author": "CNNVD",
                "id": "CNNVD-201908-464",
                "trust": 0.6,
                "value": "CRITICAL"
              },
              {
                "author": "VULHUB",
                "id": "VHN-146681",
                "trust": 0.1,
                "value": "HIGH"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2019-33866"
          },
          {
            "db": "VULHUB",
            "id": "VHN-146681"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-007597"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201908-464"
          },
          {
            "db": "NVD",
            "id": "CVE-2019-14708"
          }
        ]
      },
      "description": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/description#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "An issue was discovered on MicroDigital N-series cameras with firmware through 6400.0.8.5. A buffer overflow in the action parameter leads to remote code execution in the context of the nobody account. MicroDigital N-series camera Contains a buffer error vulnerability.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. MicroDigital N-series cameras is an N-series network camera from South Korean MicroDigital company. \n\nMicroDigital N-series cameras have a buffer overflow vulnerability",
        "sources": [
          {
            "db": "NVD",
            "id": "CVE-2019-14708"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-007597"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2019-33866"
          },
          {
            "db": "VULHUB",
            "id": "VHN-146681"
          }
        ],
        "trust": 2.25
      },
      "external_ids": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "db": "NVD",
            "id": "CVE-2019-14708",
            "trust": 3.1
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-007597",
            "trust": 0.8
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201908-464",
            "trust": 0.7
          },
          {
            "db": "CNVD",
            "id": "CNVD-2019-33866",
            "trust": 0.6
          },
          {
            "db": "VULHUB",
            "id": "VHN-146681",
            "trust": 0.1
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2019-33866"
          },
          {
            "db": "VULHUB",
            "id": "VHN-146681"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-007597"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201908-464"
          },
          {
            "db": "NVD",
            "id": "CVE-2019-14708"
          }
        ]
      },
      "id": "VAR-201908-0515",
      "iot": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": true,
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2019-33866"
          },
          {
            "db": "VULHUB",
            "id": "VHN-146681"
          }
        ],
        "trust": 1.7
      },
      "iot_taxonomy": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "category": [
              "IoT"
            ],
            "sub_category": null,
            "trust": 0.6
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2019-33866"
          }
        ]
      },
      "last_update_date": "2024-11-23T22:29:58.883000Z",
      "patch": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/patch#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "title": "Top Page (kr)",
            "trust": 0.8,
            "url": "http://www.microdigital.co.kr/"
          },
          {
            "title": "Top Page (ru)",
            "trust": 0.8,
            "url": "https://www.microdigital.ru/"
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-007597"
          }
        ]
      },
      "problemtype_data": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "problemtype": "CWE-119",
            "trust": 1.9
          }
        ],
        "sources": [
          {
            "db": "VULHUB",
            "id": "VHN-146681"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-007597"
          },
          {
            "db": "NVD",
            "id": "CVE-2019-14708"
          }
        ]
      },
      "references": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/references#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "trust": 2.5,
            "url": "https://pastebin.com/psyqqs1g"
          },
          {
            "trust": 2.0,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2019-14708"
          },
          {
            "trust": 1.7,
            "url": "http://www.microdigital.co.kr/"
          },
          {
            "trust": 1.7,
            "url": "https://www.microdigital.ru/"
          },
          {
            "trust": 0.8,
            "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2019-14708"
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2019-33866"
          },
          {
            "db": "VULHUB",
            "id": "VHN-146681"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-007597"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201908-464"
          },
          {
            "db": "NVD",
            "id": "CVE-2019-14708"
          }
        ]
      },
      "sources": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "db": "CNVD",
            "id": "CNVD-2019-33866"
          },
          {
            "db": "VULHUB",
            "id": "VHN-146681"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-007597"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201908-464"
          },
          {
            "db": "NVD",
            "id": "CVE-2019-14708"
          }
        ]
      },
      "sources_release_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2019-09-30T00:00:00",
            "db": "CNVD",
            "id": "CNVD-2019-33866"
          },
          {
            "date": "2019-08-06T00:00:00",
            "db": "VULHUB",
            "id": "VHN-146681"
          },
          {
            "date": "2019-08-15T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2019-007597"
          },
          {
            "date": "2019-08-06T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-201908-464"
          },
          {
            "date": "2019-08-06T23:15:12.917000",
            "db": "NVD",
            "id": "CVE-2019-14708"
          }
        ]
      },
      "sources_update_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2019-09-30T00:00:00",
            "db": "CNVD",
            "id": "CNVD-2019-33866"
          },
          {
            "date": "2019-08-14T00:00:00",
            "db": "VULHUB",
            "id": "VHN-146681"
          },
          {
            "date": "2019-08-15T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2019-007597"
          },
          {
            "date": "2019-08-30T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-201908-464"
          },
          {
            "date": "2024-11-21T04:27:11.483000",
            "db": "NVD",
            "id": "CVE-2019-14708"
          }
        ]
      },
      "threat_type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "remote",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-201908-464"
          }
        ],
        "trust": 0.6
      },
      "title": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/title#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "MicroDigital N-series camera Buffer error vulnerability in some firmware",
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-007597"
          }
        ],
        "trust": 0.8
      },
      "type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "buffer error",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-201908-464"
          }
        ],
        "trust": 0.6
      }
    }

    VAR-201908-0508

    Vulnerability from variot - Updated: 2024-11-23 22:16

    An issue was discovered on MicroDigital N-series cameras with firmware through 6400.0.8.5. An attacker can trigger read operations on an arbitrary file via Path Traversal in the TZ parameter, but cannot retrieve the data that is read. This causes a denial of service if the filename is, for example, /dev/random. MicroDigital N-series camera Contains a path traversal vulnerability.Service operation interruption (DoS) There is a possibility of being put into a state. MICRODIGITAL N-series cameras is an N-series network camera produced by Korea MICRODIGITAL Company. A path traversal vulnerability exists in the 'TZ' parameter in MICRODIGITA N-series cameras using firmware 6400.0.8.5 and earlier. The vulnerability stems from a network system or product that fails to properly filter resources or special elements in file paths. An attacker could exploit this vulnerability to access locations outside of restricted directories

    Show details on source website

    {
      "@context": {
        "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
        "affected_products": {
          "@id": "https://www.variotdbs.pl/ref/affected_products"
        },
        "configurations": {
          "@id": "https://www.variotdbs.pl/ref/configurations"
        },
        "credits": {
          "@id": "https://www.variotdbs.pl/ref/credits"
        },
        "cvss": {
          "@id": "https://www.variotdbs.pl/ref/cvss/"
        },
        "description": {
          "@id": "https://www.variotdbs.pl/ref/description/"
        },
        "exploit_availability": {
          "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
        },
        "external_ids": {
          "@id": "https://www.variotdbs.pl/ref/external_ids/"
        },
        "iot": {
          "@id": "https://www.variotdbs.pl/ref/iot/"
        },
        "iot_taxonomy": {
          "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
        },
        "patch": {
          "@id": "https://www.variotdbs.pl/ref/patch/"
        },
        "problemtype_data": {
          "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
        },
        "references": {
          "@id": "https://www.variotdbs.pl/ref/references/"
        },
        "sources": {
          "@id": "https://www.variotdbs.pl/ref/sources/"
        },
        "sources_release_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
        },
        "sources_update_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
        },
        "threat_type": {
          "@id": "https://www.variotdbs.pl/ref/threat_type/"
        },
        "title": {
          "@id": "https://www.variotdbs.pl/ref/title/"
        },
        "type": {
          "@id": "https://www.variotdbs.pl/ref/type/"
        }
      },
      "@id": "https://www.variotdbs.pl/vuln/VAR-201908-0508",
      "affected_products": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "model": "mdc-n2190v",
            "scope": "lte",
            "trust": 1.8,
            "vendor": "microdigital",
            "version": "6400.0.8.5"
          },
          {
            "model": "mdc-n4090",
            "scope": "lte",
            "trust": 1.8,
            "vendor": "microdigital",
            "version": "6400.0.8.5"
          },
          {
            "model": "mdc-n4090w",
            "scope": "lte",
            "trust": 1.8,
            "vendor": "microdigital",
            "version": "6400.0.8.5"
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-007507"
          },
          {
            "db": "NVD",
            "id": "CVE-2019-14701"
          }
        ]
      },
      "configurations": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/configurations#",
          "children": {
            "@container": "@list"
          },
          "cpe_match": {
            "@container": "@list"
          },
          "data": {
            "@container": "@list"
          },
          "nodes": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "CVE_data_version": "4.0",
            "nodes": [
              {
                "cpe_match": [
                  {
                    "cpe22Uri": "cpe:/o:microdigital:mdc-n2190v_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:microdigital:mdc-n4090_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:microdigital:mdc-n4090w_firmware",
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-007507"
          }
        ]
      },
      "cve": "CVE-2019-14701",
      "cvss": {
        "@context": {
          "cvssV2": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
          },
          "cvssV3": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
          },
          "severity": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/cvss/severity#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/severity"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "cvssV2": [
              {
                "accessComplexity": "LOW",
                "accessVector": "NETWORK",
                "authentication": "NONE",
                "author": "nvd@nist.gov",
                "availabilityImpact": "PARTIAL",
                "baseScore": 5.0,
                "confidentialityImpact": "NONE",
                "exploitabilityScore": 10.0,
                "id": "CVE-2019-14701",
                "impactScore": 2.9,
                "integrityImpact": "NONE",
                "severity": "MEDIUM",
                "trust": 1.9,
                "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
                "version": "2.0"
              },
              {
                "accessComplexity": "LOW",
                "accessVector": "NETWORK",
                "authentication": "NONE",
                "author": "VULHUB",
                "availabilityImpact": "PARTIAL",
                "baseScore": 5.0,
                "confidentialityImpact": "NONE",
                "exploitabilityScore": 10.0,
                "id": "VHN-146674",
                "impactScore": 2.9,
                "integrityImpact": "NONE",
                "severity": "MEDIUM",
                "trust": 0.1,
                "vectorString": "AV:N/AC:L/AU:N/C:N/I:N/A:P",
                "version": "2.0"
              }
            ],
            "cvssV3": [
              {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "author": "nvd@nist.gov",
                "availabilityImpact": "HIGH",
                "baseScore": 7.5,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "NONE",
                "exploitabilityScore": 3.9,
                "id": "CVE-2019-14701",
                "impactScore": 3.6,
                "integrityImpact": "NONE",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "trust": 1.8,
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
                "version": "3.0"
              }
            ],
            "severity": [
              {
                "author": "nvd@nist.gov",
                "id": "CVE-2019-14701",
                "trust": 1.0,
                "value": "HIGH"
              },
              {
                "author": "NVD",
                "id": "CVE-2019-14701",
                "trust": 0.8,
                "value": "High"
              },
              {
                "author": "CNNVD",
                "id": "CNNVD-201908-454",
                "trust": 0.6,
                "value": "HIGH"
              },
              {
                "author": "VULHUB",
                "id": "VHN-146674",
                "trust": 0.1,
                "value": "MEDIUM"
              },
              {
                "author": "VULMON",
                "id": "CVE-2019-14701",
                "trust": 0.1,
                "value": "MEDIUM"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "VULHUB",
            "id": "VHN-146674"
          },
          {
            "db": "VULMON",
            "id": "CVE-2019-14701"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-007507"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201908-454"
          },
          {
            "db": "NVD",
            "id": "CVE-2019-14701"
          }
        ]
      },
      "description": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/description#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "An issue was discovered on MicroDigital N-series cameras with firmware through 6400.0.8.5. An attacker can trigger read operations on an arbitrary file via Path Traversal in the TZ parameter, but cannot retrieve the data that is read. This causes a denial of service if the filename is, for example, /dev/random. MicroDigital N-series camera Contains a path traversal vulnerability.Service operation interruption (DoS) There is a possibility of being put into a state. MICRODIGITAL N-series cameras is an N-series network camera produced by Korea MICRODIGITAL Company. A path traversal vulnerability exists in the \u0027TZ\u0027 parameter in MICRODIGITA N-series cameras using firmware 6400.0.8.5 and earlier. The vulnerability stems from a network system or product that fails to properly filter resources or special elements in file paths. An attacker could exploit this vulnerability to access locations outside of restricted directories",
        "sources": [
          {
            "db": "NVD",
            "id": "CVE-2019-14701"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-007507"
          },
          {
            "db": "VULHUB",
            "id": "VHN-146674"
          },
          {
            "db": "VULMON",
            "id": "CVE-2019-14701"
          }
        ],
        "trust": 1.8
      },
      "external_ids": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "db": "NVD",
            "id": "CVE-2019-14701",
            "trust": 2.6
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-007507",
            "trust": 0.8
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201908-454",
            "trust": 0.7
          },
          {
            "db": "VULHUB",
            "id": "VHN-146674",
            "trust": 0.1
          },
          {
            "db": "VULMON",
            "id": "CVE-2019-14701",
            "trust": 0.1
          }
        ],
        "sources": [
          {
            "db": "VULHUB",
            "id": "VHN-146674"
          },
          {
            "db": "VULMON",
            "id": "CVE-2019-14701"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-007507"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201908-454"
          },
          {
            "db": "NVD",
            "id": "CVE-2019-14701"
          }
        ]
      },
      "id": "VAR-201908-0508",
      "iot": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": true,
        "sources": [
          {
            "db": "VULHUB",
            "id": "VHN-146674"
          }
        ],
        "trust": 0.01
      },
      "last_update_date": "2024-11-23T22:16:55.624000Z",
      "patch": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/patch#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "title": "Top Page (kr)",
            "trust": 0.8,
            "url": "http://www.microdigital.co.kr/"
          },
          {
            "title": "Top Page (ru)",
            "trust": 0.8,
            "url": "https://www.microdigital.ru/"
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-007507"
          }
        ]
      },
      "problemtype_data": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "problemtype": "CWE-22",
            "trust": 1.9
          }
        ],
        "sources": [
          {
            "db": "VULHUB",
            "id": "VHN-146674"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-007507"
          },
          {
            "db": "NVD",
            "id": "CVE-2019-14701"
          }
        ]
      },
      "references": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/references#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "trust": 2.6,
            "url": "https://pastebin.com/psyqqs1g"
          },
          {
            "trust": 1.8,
            "url": "http://www.microdigital.co.kr/"
          },
          {
            "trust": 1.8,
            "url": "https://www.microdigital.ru/"
          },
          {
            "trust": 1.4,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2019-14701"
          },
          {
            "trust": 0.8,
            "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2019-14701"
          },
          {
            "trust": 0.1,
            "url": "https://cwe.mitre.org/data/definitions/22.html"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov"
          }
        ],
        "sources": [
          {
            "db": "VULHUB",
            "id": "VHN-146674"
          },
          {
            "db": "VULMON",
            "id": "CVE-2019-14701"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-007507"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201908-454"
          },
          {
            "db": "NVD",
            "id": "CVE-2019-14701"
          }
        ]
      },
      "sources": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "db": "VULHUB",
            "id": "VHN-146674"
          },
          {
            "db": "VULMON",
            "id": "CVE-2019-14701"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-007507"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201908-454"
          },
          {
            "db": "NVD",
            "id": "CVE-2019-14701"
          }
        ]
      },
      "sources_release_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2019-08-06T00:00:00",
            "db": "VULHUB",
            "id": "VHN-146674"
          },
          {
            "date": "2019-08-06T00:00:00",
            "db": "VULMON",
            "id": "CVE-2019-14701"
          },
          {
            "date": "2019-08-14T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2019-007507"
          },
          {
            "date": "2019-08-06T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-201908-454"
          },
          {
            "date": "2019-08-06T23:15:12.367000",
            "db": "NVD",
            "id": "CVE-2019-14701"
          }
        ]
      },
      "sources_update_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2019-08-13T00:00:00",
            "db": "VULHUB",
            "id": "VHN-146674"
          },
          {
            "date": "2019-08-13T00:00:00",
            "db": "VULMON",
            "id": "CVE-2019-14701"
          },
          {
            "date": "2019-08-14T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2019-007507"
          },
          {
            "date": "2019-08-30T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-201908-454"
          },
          {
            "date": "2024-11-21T04:27:10.500000",
            "db": "NVD",
            "id": "CVE-2019-14701"
          }
        ]
      },
      "threat_type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "remote",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-201908-454"
          }
        ],
        "trust": 0.6
      },
      "title": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/title#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "MicroDigital N-series camera Path traversal vulnerability in some firmware",
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-007507"
          }
        ],
        "trust": 0.8
      },
      "type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "path traversal",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-201908-454"
          }
        ],
        "trust": 0.6
      }
    }

    VAR-201908-0510

    Vulnerability from variot - Updated: 2024-11-23 22:11

    A CSRF issue was discovered in webparam?user&action=set&param=add in HTTPD on MicroDigital N-series cameras with firmware through 6400.0.8.5 to create an admin account. MicroDigital N-series camera Contains a cross-site request forgery vulnerability.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. MicroDigital N-series cameras is an N-series network camera from South Korean MicroDigital company.

    MicroDigital N-series cameras have a cross-site request forgery vulnerability. An attacker could use this vulnerability to send an unexpected request to the server through an affected client. The vulnerability stems from the WEB application not adequately verifying that the request is from a trusted user

    Show details on source website

    {
      "@context": {
        "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
        "affected_products": {
          "@id": "https://www.variotdbs.pl/ref/affected_products"
        },
        "configurations": {
          "@id": "https://www.variotdbs.pl/ref/configurations"
        },
        "credits": {
          "@id": "https://www.variotdbs.pl/ref/credits"
        },
        "cvss": {
          "@id": "https://www.variotdbs.pl/ref/cvss/"
        },
        "description": {
          "@id": "https://www.variotdbs.pl/ref/description/"
        },
        "exploit_availability": {
          "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
        },
        "external_ids": {
          "@id": "https://www.variotdbs.pl/ref/external_ids/"
        },
        "iot": {
          "@id": "https://www.variotdbs.pl/ref/iot/"
        },
        "iot_taxonomy": {
          "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
        },
        "patch": {
          "@id": "https://www.variotdbs.pl/ref/patch/"
        },
        "problemtype_data": {
          "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
        },
        "references": {
          "@id": "https://www.variotdbs.pl/ref/references/"
        },
        "sources": {
          "@id": "https://www.variotdbs.pl/ref/sources/"
        },
        "sources_release_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
        },
        "sources_update_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
        },
        "threat_type": {
          "@id": "https://www.variotdbs.pl/ref/threat_type/"
        },
        "title": {
          "@id": "https://www.variotdbs.pl/ref/title/"
        },
        "type": {
          "@id": "https://www.variotdbs.pl/ref/type/"
        }
      },
      "@id": "https://www.variotdbs.pl/vuln/VAR-201908-0510",
      "affected_products": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "model": "mdc-n2190v",
            "scope": "lte",
            "trust": 1.8,
            "vendor": "microdigital",
            "version": "6400.0.8.5"
          },
          {
            "model": "mdc-n4090",
            "scope": "lte",
            "trust": 1.8,
            "vendor": "microdigital",
            "version": "6400.0.8.5"
          },
          {
            "model": "mdc-n4090w",
            "scope": "lte",
            "trust": 1.8,
            "vendor": "microdigital",
            "version": "6400.0.8.5"
          },
          {
            "model": "n-series cameras",
            "scope": "lte",
            "trust": 0.6,
            "vendor": "microdigital",
            "version": "\u003c=6400.0.8.5"
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2019-33863"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-007509"
          },
          {
            "db": "NVD",
            "id": "CVE-2019-14703"
          }
        ]
      },
      "configurations": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/configurations#",
          "children": {
            "@container": "@list"
          },
          "cpe_match": {
            "@container": "@list"
          },
          "data": {
            "@container": "@list"
          },
          "nodes": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "CVE_data_version": "4.0",
            "nodes": [
              {
                "cpe_match": [
                  {
                    "cpe22Uri": "cpe:/o:microdigital:mdc-n2190v_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:microdigital:mdc-n4090_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:microdigital:mdc-n4090w_firmware",
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-007509"
          }
        ]
      },
      "cve": "CVE-2019-14703",
      "cvss": {
        "@context": {
          "cvssV2": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
          },
          "cvssV3": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
          },
          "severity": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/cvss/severity#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/severity"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "cvssV2": [
              {
                "accessComplexity": "MEDIUM",
                "accessVector": "NETWORK",
                "authentication": "NONE",
                "author": "nvd@nist.gov",
                "availabilityImpact": "PARTIAL",
                "baseScore": 6.8,
                "confidentialityImpact": "PARTIAL",
                "exploitabilityScore": 8.6,
                "id": "CVE-2019-14703",
                "impactScore": 6.4,
                "integrityImpact": "PARTIAL",
                "severity": "MEDIUM",
                "trust": 1.9,
                "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
                "version": "2.0"
              },
              {
                "accessComplexity": "MEDIUM",
                "accessVector": "NETWORK",
                "authentication": "NONE",
                "author": "CNVD",
                "availabilityImpact": "PARTIAL",
                "baseScore": 6.8,
                "confidentialityImpact": "PARTIAL",
                "exploitabilityScore": 8.6,
                "id": "CNVD-2019-33863",
                "impactScore": 6.4,
                "integrityImpact": "PARTIAL",
                "severity": "MEDIUM",
                "trust": 0.6,
                "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
                "version": "2.0"
              },
              {
                "accessComplexity": "MEDIUM",
                "accessVector": "NETWORK",
                "authentication": "NONE",
                "author": "VULHUB",
                "availabilityImpact": "PARTIAL",
                "baseScore": 6.8,
                "confidentialityImpact": "PARTIAL",
                "exploitabilityScore": 8.6,
                "id": "VHN-146676",
                "impactScore": 6.4,
                "integrityImpact": "PARTIAL",
                "severity": "MEDIUM",
                "trust": 0.1,
                "vectorString": "AV:N/AC:M/AU:N/C:P/I:P/A:P",
                "version": "2.0"
              }
            ],
            "cvssV3": [
              {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "author": "nvd@nist.gov",
                "availabilityImpact": "HIGH",
                "baseScore": 8.8,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "HIGH",
                "exploitabilityScore": 2.8,
                "id": "CVE-2019-14703",
                "impactScore": 5.9,
                "integrityImpact": "HIGH",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "trust": 1.8,
                "userInteraction": "REQUIRED",
                "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
                "version": "3.0"
              }
            ],
            "severity": [
              {
                "author": "nvd@nist.gov",
                "id": "CVE-2019-14703",
                "trust": 1.0,
                "value": "HIGH"
              },
              {
                "author": "NVD",
                "id": "CVE-2019-14703",
                "trust": 0.8,
                "value": "High"
              },
              {
                "author": "CNVD",
                "id": "CNVD-2019-33863",
                "trust": 0.6,
                "value": "MEDIUM"
              },
              {
                "author": "CNNVD",
                "id": "CNNVD-201908-456",
                "trust": 0.6,
                "value": "HIGH"
              },
              {
                "author": "VULHUB",
                "id": "VHN-146676",
                "trust": 0.1,
                "value": "MEDIUM"
              },
              {
                "author": "VULMON",
                "id": "CVE-2019-14703",
                "trust": 0.1,
                "value": "MEDIUM"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2019-33863"
          },
          {
            "db": "VULHUB",
            "id": "VHN-146676"
          },
          {
            "db": "VULMON",
            "id": "CVE-2019-14703"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-007509"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201908-456"
          },
          {
            "db": "NVD",
            "id": "CVE-2019-14703"
          }
        ]
      },
      "description": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/description#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "A CSRF issue was discovered in webparam?user\u0026action=set\u0026param=add in HTTPD on MicroDigital N-series cameras with firmware through 6400.0.8.5 to create an admin account. MicroDigital N-series camera Contains a cross-site request forgery vulnerability.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. MicroDigital N-series cameras is an N-series network camera from South Korean MicroDigital company. \n\nMicroDigital N-series cameras have a cross-site request forgery vulnerability. An attacker could use this vulnerability to send an unexpected request to the server through an affected client. The vulnerability stems from the WEB application not adequately verifying that the request is from a trusted user",
        "sources": [
          {
            "db": "NVD",
            "id": "CVE-2019-14703"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-007509"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2019-33863"
          },
          {
            "db": "VULHUB",
            "id": "VHN-146676"
          },
          {
            "db": "VULMON",
            "id": "CVE-2019-14703"
          }
        ],
        "trust": 2.34
      },
      "external_ids": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "db": "NVD",
            "id": "CVE-2019-14703",
            "trust": 3.2
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-007509",
            "trust": 0.8
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201908-456",
            "trust": 0.7
          },
          {
            "db": "CNVD",
            "id": "CNVD-2019-33863",
            "trust": 0.6
          },
          {
            "db": "VULHUB",
            "id": "VHN-146676",
            "trust": 0.1
          },
          {
            "db": "VULMON",
            "id": "CVE-2019-14703",
            "trust": 0.1
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2019-33863"
          },
          {
            "db": "VULHUB",
            "id": "VHN-146676"
          },
          {
            "db": "VULMON",
            "id": "CVE-2019-14703"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-007509"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201908-456"
          },
          {
            "db": "NVD",
            "id": "CVE-2019-14703"
          }
        ]
      },
      "id": "VAR-201908-0510",
      "iot": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": true,
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2019-33863"
          },
          {
            "db": "VULHUB",
            "id": "VHN-146676"
          }
        ],
        "trust": 1.7
      },
      "iot_taxonomy": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "category": [
              "IoT"
            ],
            "sub_category": null,
            "trust": 0.6
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2019-33863"
          }
        ]
      },
      "last_update_date": "2024-11-23T22:11:56.004000Z",
      "patch": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/patch#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "title": "Top Page (kr)",
            "trust": 0.8,
            "url": "http://www.microdigital.co.kr/"
          },
          {
            "title": "Top Page (ru)",
            "trust": 0.8,
            "url": "https://www.microdigital.ru/"
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-007509"
          }
        ]
      },
      "problemtype_data": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "problemtype": "CWE-352",
            "trust": 1.9
          }
        ],
        "sources": [
          {
            "db": "VULHUB",
            "id": "VHN-146676"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-007509"
          },
          {
            "db": "NVD",
            "id": "CVE-2019-14703"
          }
        ]
      },
      "references": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/references#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "trust": 2.6,
            "url": "https://pastebin.com/psyqqs1g"
          },
          {
            "trust": 2.0,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2019-14703"
          },
          {
            "trust": 1.8,
            "url": "http://www.microdigital.co.kr/"
          },
          {
            "trust": 1.8,
            "url": "https://www.microdigital.ru/"
          },
          {
            "trust": 0.8,
            "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2019-14703"
          },
          {
            "trust": 0.1,
            "url": "https://cwe.mitre.org/data/definitions/352.html"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov"
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2019-33863"
          },
          {
            "db": "VULHUB",
            "id": "VHN-146676"
          },
          {
            "db": "VULMON",
            "id": "CVE-2019-14703"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-007509"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201908-456"
          },
          {
            "db": "NVD",
            "id": "CVE-2019-14703"
          }
        ]
      },
      "sources": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "db": "CNVD",
            "id": "CNVD-2019-33863"
          },
          {
            "db": "VULHUB",
            "id": "VHN-146676"
          },
          {
            "db": "VULMON",
            "id": "CVE-2019-14703"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-007509"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201908-456"
          },
          {
            "db": "NVD",
            "id": "CVE-2019-14703"
          }
        ]
      },
      "sources_release_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2019-09-30T00:00:00",
            "db": "CNVD",
            "id": "CNVD-2019-33863"
          },
          {
            "date": "2019-08-06T00:00:00",
            "db": "VULHUB",
            "id": "VHN-146676"
          },
          {
            "date": "2019-08-06T00:00:00",
            "db": "VULMON",
            "id": "CVE-2019-14703"
          },
          {
            "date": "2019-08-14T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2019-007509"
          },
          {
            "date": "2019-08-06T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-201908-456"
          },
          {
            "date": "2019-08-06T23:15:12.557000",
            "db": "NVD",
            "id": "CVE-2019-14703"
          }
        ]
      },
      "sources_update_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2019-09-30T00:00:00",
            "db": "CNVD",
            "id": "CNVD-2019-33863"
          },
          {
            "date": "2019-08-13T00:00:00",
            "db": "VULHUB",
            "id": "VHN-146676"
          },
          {
            "date": "2019-08-13T00:00:00",
            "db": "VULMON",
            "id": "CVE-2019-14703"
          },
          {
            "date": "2019-08-14T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2019-007509"
          },
          {
            "date": "2019-08-30T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-201908-456"
          },
          {
            "date": "2024-11-21T04:27:10.777000",
            "db": "NVD",
            "id": "CVE-2019-14703"
          }
        ]
      },
      "threat_type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "remote",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-201908-456"
          }
        ],
        "trust": 0.6
      },
      "title": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/title#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "MicroDigital N-series cameras Cross-Site Request Forgery Vulnerability",
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2019-33863"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201908-456"
          }
        ],
        "trust": 1.2
      },
      "type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "cross-site request forgery",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-201908-456"
          }
        ],
        "trust": 0.6
      }
    }

    VAR-201908-0514

    Vulnerability from variot - Updated: 2024-11-23 22:06

    An issue was discovered on MicroDigital N-series cameras with firmware through 6400.0.8.5. The firmware update process is insecure, leading to remote code execution. The attacker can provide arbitrary firmware in a .dat file via a webparam?system&action=set&upgrade URI. MicroDigital N-series camera Vulnerabilities related to security functions exist in the firmware.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. MicroDigital N-series cameras is an N-series network camera from South Korean MicroDigital company.

    MicroDigital N-series cameras have a security feature vulnerability. An attacker could exploit this vulnerability to execute code

    Show details on source website

    {
      "@context": {
        "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
        "affected_products": {
          "@id": "https://www.variotdbs.pl/ref/affected_products"
        },
        "configurations": {
          "@id": "https://www.variotdbs.pl/ref/configurations"
        },
        "credits": {
          "@id": "https://www.variotdbs.pl/ref/credits"
        },
        "cvss": {
          "@id": "https://www.variotdbs.pl/ref/cvss/"
        },
        "description": {
          "@id": "https://www.variotdbs.pl/ref/description/"
        },
        "exploit_availability": {
          "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
        },
        "external_ids": {
          "@id": "https://www.variotdbs.pl/ref/external_ids/"
        },
        "iot": {
          "@id": "https://www.variotdbs.pl/ref/iot/"
        },
        "iot_taxonomy": {
          "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
        },
        "patch": {
          "@id": "https://www.variotdbs.pl/ref/patch/"
        },
        "problemtype_data": {
          "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
        },
        "references": {
          "@id": "https://www.variotdbs.pl/ref/references/"
        },
        "sources": {
          "@id": "https://www.variotdbs.pl/ref/sources/"
        },
        "sources_release_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
        },
        "sources_update_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
        },
        "threat_type": {
          "@id": "https://www.variotdbs.pl/ref/threat_type/"
        },
        "title": {
          "@id": "https://www.variotdbs.pl/ref/title/"
        },
        "type": {
          "@id": "https://www.variotdbs.pl/ref/type/"
        }
      },
      "@id": "https://www.variotdbs.pl/vuln/VAR-201908-0514",
      "affected_products": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "model": "mdc-n2190v",
            "scope": "lte",
            "trust": 1.8,
            "vendor": "microdigital",
            "version": "6400.0.8.5"
          },
          {
            "model": "mdc-n4090",
            "scope": "lte",
            "trust": 1.8,
            "vendor": "microdigital",
            "version": "6400.0.8.5"
          },
          {
            "model": "mdc-n4090w",
            "scope": "lte",
            "trust": 1.8,
            "vendor": "microdigital",
            "version": "6400.0.8.5"
          },
          {
            "model": "n-series cameras",
            "scope": "lte",
            "trust": 0.6,
            "vendor": "microdigital",
            "version": "\u003c=6400.0.8.5"
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2019-33867"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-007596"
          },
          {
            "db": "NVD",
            "id": "CVE-2019-14707"
          }
        ]
      },
      "configurations": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/configurations#",
          "children": {
            "@container": "@list"
          },
          "cpe_match": {
            "@container": "@list"
          },
          "data": {
            "@container": "@list"
          },
          "nodes": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "CVE_data_version": "4.0",
            "nodes": [
              {
                "cpe_match": [
                  {
                    "cpe22Uri": "cpe:/o:microdigital:mdc-n2190v_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:microdigital:mdc-n4090_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:microdigital:mdc-n4090w_firmware",
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-007596"
          }
        ]
      },
      "cve": "CVE-2019-14707",
      "cvss": {
        "@context": {
          "cvssV2": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
          },
          "cvssV3": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
          },
          "severity": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/cvss/severity#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/severity"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "cvssV2": [
              {
                "accessComplexity": "LOW",
                "accessVector": "NETWORK",
                "authentication": "SINGLE",
                "author": "nvd@nist.gov",
                "availabilityImpact": "PARTIAL",
                "baseScore": 6.5,
                "confidentialityImpact": "PARTIAL",
                "exploitabilityScore": 8.0,
                "id": "CVE-2019-14707",
                "impactScore": 6.4,
                "integrityImpact": "PARTIAL",
                "severity": "MEDIUM",
                "trust": 1.8,
                "vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P",
                "version": "2.0"
              },
              {
                "accessComplexity": "LOW",
                "accessVector": "NETWORK",
                "authentication": "SINGLE",
                "author": "CNVD",
                "availabilityImpact": "PARTIAL",
                "baseScore": 6.5,
                "confidentialityImpact": "PARTIAL",
                "exploitabilityScore": 8.0,
                "id": "CNVD-2019-33867",
                "impactScore": 6.4,
                "integrityImpact": "PARTIAL",
                "severity": "MEDIUM",
                "trust": 0.6,
                "vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P",
                "version": "2.0"
              },
              {
                "accessComplexity": "LOW",
                "accessVector": "NETWORK",
                "authentication": "SINGLE",
                "author": "VULHUB",
                "availabilityImpact": "PARTIAL",
                "baseScore": 6.5,
                "confidentialityImpact": "PARTIAL",
                "exploitabilityScore": 8.0,
                "id": "VHN-146680",
                "impactScore": 6.4,
                "integrityImpact": "PARTIAL",
                "severity": "MEDIUM",
                "trust": 0.1,
                "vectorString": "AV:N/AC:L/AU:S/C:P/I:P/A:P",
                "version": "2.0"
              }
            ],
            "cvssV3": [
              {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "author": "nvd@nist.gov",
                "availabilityImpact": "HIGH",
                "baseScore": 7.2,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "HIGH",
                "exploitabilityScore": 1.2,
                "id": "CVE-2019-14707",
                "impactScore": 5.9,
                "integrityImpact": "HIGH",
                "privilegesRequired": "HIGH",
                "scope": "UNCHANGED",
                "trust": 1.8,
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.0"
              }
            ],
            "severity": [
              {
                "author": "nvd@nist.gov",
                "id": "CVE-2019-14707",
                "trust": 1.0,
                "value": "HIGH"
              },
              {
                "author": "NVD",
                "id": "CVE-2019-14707",
                "trust": 0.8,
                "value": "High"
              },
              {
                "author": "CNVD",
                "id": "CNVD-2019-33867",
                "trust": 0.6,
                "value": "MEDIUM"
              },
              {
                "author": "CNNVD",
                "id": "CNNVD-201908-462",
                "trust": 0.6,
                "value": "HIGH"
              },
              {
                "author": "VULHUB",
                "id": "VHN-146680",
                "trust": 0.1,
                "value": "MEDIUM"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2019-33867"
          },
          {
            "db": "VULHUB",
            "id": "VHN-146680"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-007596"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201908-462"
          },
          {
            "db": "NVD",
            "id": "CVE-2019-14707"
          }
        ]
      },
      "description": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/description#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "An issue was discovered on MicroDigital N-series cameras with firmware through 6400.0.8.5. The firmware update process is insecure, leading to remote code execution. The attacker can provide arbitrary firmware in a .dat file via a webparam?system\u0026action=set\u0026upgrade URI. MicroDigital N-series camera Vulnerabilities related to security functions exist in the firmware.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. MicroDigital N-series cameras is an N-series network camera from South Korean MicroDigital company. \n\nMicroDigital N-series cameras have a security feature vulnerability. An attacker could exploit this vulnerability to execute code",
        "sources": [
          {
            "db": "NVD",
            "id": "CVE-2019-14707"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-007596"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2019-33867"
          },
          {
            "db": "VULHUB",
            "id": "VHN-146680"
          }
        ],
        "trust": 2.25
      },
      "external_ids": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "db": "NVD",
            "id": "CVE-2019-14707",
            "trust": 3.1
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-007596",
            "trust": 0.8
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201908-462",
            "trust": 0.7
          },
          {
            "db": "CNVD",
            "id": "CNVD-2019-33867",
            "trust": 0.6
          },
          {
            "db": "VULHUB",
            "id": "VHN-146680",
            "trust": 0.1
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2019-33867"
          },
          {
            "db": "VULHUB",
            "id": "VHN-146680"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-007596"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201908-462"
          },
          {
            "db": "NVD",
            "id": "CVE-2019-14707"
          }
        ]
      },
      "id": "VAR-201908-0514",
      "iot": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": true,
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2019-33867"
          },
          {
            "db": "VULHUB",
            "id": "VHN-146680"
          }
        ],
        "trust": 1.7
      },
      "iot_taxonomy": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "category": [
              "IoT"
            ],
            "sub_category": null,
            "trust": 0.6
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2019-33867"
          }
        ]
      },
      "last_update_date": "2024-11-23T22:06:06.349000Z",
      "patch": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/patch#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "title": "Top Page (kr)",
            "trust": 0.8,
            "url": "http://www.microdigital.co.kr/"
          },
          {
            "title": "Top Page (ru)",
            "trust": 0.8,
            "url": "https://www.microdigital.ru/"
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-007596"
          }
        ]
      },
      "problemtype_data": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "problemtype": "NVD-CWE-noinfo",
            "trust": 1.0
          },
          {
            "problemtype": "CWE-254",
            "trust": 0.9
          }
        ],
        "sources": [
          {
            "db": "VULHUB",
            "id": "VHN-146680"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-007596"
          },
          {
            "db": "NVD",
            "id": "CVE-2019-14707"
          }
        ]
      },
      "references": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/references#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "trust": 2.5,
            "url": "https://pastebin.com/psyqqs1g"
          },
          {
            "trust": 2.0,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2019-14707"
          },
          {
            "trust": 1.7,
            "url": "http://www.microdigital.co.kr/"
          },
          {
            "trust": 1.7,
            "url": "https://www.microdigital.ru/"
          },
          {
            "trust": 0.8,
            "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2019-14707"
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2019-33867"
          },
          {
            "db": "VULHUB",
            "id": "VHN-146680"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-007596"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201908-462"
          },
          {
            "db": "NVD",
            "id": "CVE-2019-14707"
          }
        ]
      },
      "sources": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "db": "CNVD",
            "id": "CNVD-2019-33867"
          },
          {
            "db": "VULHUB",
            "id": "VHN-146680"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-007596"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201908-462"
          },
          {
            "db": "NVD",
            "id": "CVE-2019-14707"
          }
        ]
      },
      "sources_release_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2019-09-30T00:00:00",
            "db": "CNVD",
            "id": "CNVD-2019-33867"
          },
          {
            "date": "2019-08-06T00:00:00",
            "db": "VULHUB",
            "id": "VHN-146680"
          },
          {
            "date": "2019-08-15T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2019-007596"
          },
          {
            "date": "2019-08-06T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-201908-462"
          },
          {
            "date": "2019-08-06T23:15:12.853000",
            "db": "NVD",
            "id": "CVE-2019-14707"
          }
        ]
      },
      "sources_update_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2019-09-30T00:00:00",
            "db": "CNVD",
            "id": "CNVD-2019-33867"
          },
          {
            "date": "2020-08-24T00:00:00",
            "db": "VULHUB",
            "id": "VHN-146680"
          },
          {
            "date": "2019-08-15T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2019-007596"
          },
          {
            "date": "2020-08-25T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-201908-462"
          },
          {
            "date": "2024-11-21T04:27:11.337000",
            "db": "NVD",
            "id": "CVE-2019-14707"
          }
        ]
      },
      "threat_type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "remote",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-201908-462"
          }
        ],
        "trust": 0.6
      },
      "title": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/title#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "MicroDigital N-series camera Vulnerabilities related to security functions in firmware",
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-007596"
          }
        ],
        "trust": 0.8
      },
      "type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "security feature problem",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-201908-462"
          }
        ],
        "trust": 0.6
      }
    }

    VAR-201908-0513

    Vulnerability from variot - Updated: 2024-11-23 21:52

    A denial of service issue in HTTPD was discovered on MicroDigital N-series cameras with firmware through 6400.0.8.5. An attacker without authorization can upload a file to upload.php with a filename longer than 256 bytes. This will be placed in the updownload area. It will not be deleted, because of a buffer overflow in a Bash command string. MicroDigital N-series camera Contains a buffer error vulnerability.Service operation interruption (DoS) There is a possibility of being put into a state. MicroDigital N-series cameras are IP cameras launched by MicroDigital.

    MicroDigital N-series cameras have a buffer overflow vulnerability. An attacker could exploit this vulnerability to cause a denial of service

    Show details on source website

    {
      "@context": {
        "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
        "affected_products": {
          "@id": "https://www.variotdbs.pl/ref/affected_products"
        },
        "configurations": {
          "@id": "https://www.variotdbs.pl/ref/configurations"
        },
        "credits": {
          "@id": "https://www.variotdbs.pl/ref/credits"
        },
        "cvss": {
          "@id": "https://www.variotdbs.pl/ref/cvss/"
        },
        "description": {
          "@id": "https://www.variotdbs.pl/ref/description/"
        },
        "exploit_availability": {
          "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
        },
        "external_ids": {
          "@id": "https://www.variotdbs.pl/ref/external_ids/"
        },
        "iot": {
          "@id": "https://www.variotdbs.pl/ref/iot/"
        },
        "iot_taxonomy": {
          "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
        },
        "patch": {
          "@id": "https://www.variotdbs.pl/ref/patch/"
        },
        "problemtype_data": {
          "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
        },
        "references": {
          "@id": "https://www.variotdbs.pl/ref/references/"
        },
        "sources": {
          "@id": "https://www.variotdbs.pl/ref/sources/"
        },
        "sources_release_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
        },
        "sources_update_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
        },
        "threat_type": {
          "@id": "https://www.variotdbs.pl/ref/threat_type/"
        },
        "title": {
          "@id": "https://www.variotdbs.pl/ref/title/"
        },
        "type": {
          "@id": "https://www.variotdbs.pl/ref/type/"
        }
      },
      "@id": "https://www.variotdbs.pl/vuln/VAR-201908-0513",
      "affected_products": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "model": "mdc-n2190v",
            "scope": "lte",
            "trust": 1.8,
            "vendor": "microdigital",
            "version": "6400.0.8.5"
          },
          {
            "model": "mdc-n4090",
            "scope": "lte",
            "trust": 1.8,
            "vendor": "microdigital",
            "version": "6400.0.8.5"
          },
          {
            "model": "mdc-n4090w",
            "scope": "lte",
            "trust": 1.8,
            "vendor": "microdigital",
            "version": "6400.0.8.5"
          },
          {
            "model": "n-series cameras",
            "scope": "lte",
            "trust": 0.6,
            "vendor": "microdigital",
            "version": "\u003c=6400.0.8.5"
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2019-33868"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-007595"
          },
          {
            "db": "NVD",
            "id": "CVE-2019-14706"
          }
        ]
      },
      "configurations": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/configurations#",
          "children": {
            "@container": "@list"
          },
          "cpe_match": {
            "@container": "@list"
          },
          "data": {
            "@container": "@list"
          },
          "nodes": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "CVE_data_version": "4.0",
            "nodes": [
              {
                "cpe_match": [
                  {
                    "cpe22Uri": "cpe:/o:microdigital:mdc-n2190v_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:microdigital:mdc-n4090_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:microdigital:mdc-n4090w_firmware",
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-007595"
          }
        ]
      },
      "cve": "CVE-2019-14706",
      "cvss": {
        "@context": {
          "cvssV2": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
          },
          "cvssV3": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
          },
          "severity": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/cvss/severity#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/severity"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "cvssV2": [
              {
                "accessComplexity": "LOW",
                "accessVector": "NETWORK",
                "authentication": "NONE",
                "author": "nvd@nist.gov",
                "availabilityImpact": "PARTIAL",
                "baseScore": 5.0,
                "confidentialityImpact": "NONE",
                "exploitabilityScore": 10.0,
                "id": "CVE-2019-14706",
                "impactScore": 2.9,
                "integrityImpact": "NONE",
                "severity": "MEDIUM",
                "trust": 1.8,
                "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
                "version": "2.0"
              },
              {
                "accessComplexity": "LOW",
                "accessVector": "NETWORK",
                "authentication": "NONE",
                "author": "CNVD",
                "availabilityImpact": "PARTIAL",
                "baseScore": 5.0,
                "confidentialityImpact": "NONE",
                "exploitabilityScore": 10.0,
                "id": "CNVD-2019-33868",
                "impactScore": 2.9,
                "integrityImpact": "NONE",
                "severity": "MEDIUM",
                "trust": 0.6,
                "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
                "version": "2.0"
              },
              {
                "accessComplexity": "LOW",
                "accessVector": "NETWORK",
                "authentication": "NONE",
                "author": "VULHUB",
                "availabilityImpact": "PARTIAL",
                "baseScore": 5.0,
                "confidentialityImpact": "NONE",
                "exploitabilityScore": 10.0,
                "id": "VHN-146679",
                "impactScore": 2.9,
                "integrityImpact": "NONE",
                "severity": "MEDIUM",
                "trust": 0.1,
                "vectorString": "AV:N/AC:L/AU:N/C:N/I:N/A:P",
                "version": "2.0"
              }
            ],
            "cvssV3": [
              {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "author": "nvd@nist.gov",
                "availabilityImpact": "HIGH",
                "baseScore": 7.5,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "NONE",
                "exploitabilityScore": 3.9,
                "id": "CVE-2019-14706",
                "impactScore": 3.6,
                "integrityImpact": "NONE",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "trust": 1.8,
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
                "version": "3.0"
              }
            ],
            "severity": [
              {
                "author": "nvd@nist.gov",
                "id": "CVE-2019-14706",
                "trust": 1.0,
                "value": "HIGH"
              },
              {
                "author": "NVD",
                "id": "CVE-2019-14706",
                "trust": 0.8,
                "value": "High"
              },
              {
                "author": "CNVD",
                "id": "CNVD-2019-33868",
                "trust": 0.6,
                "value": "MEDIUM"
              },
              {
                "author": "CNNVD",
                "id": "CNNVD-201908-460",
                "trust": 0.6,
                "value": "HIGH"
              },
              {
                "author": "VULHUB",
                "id": "VHN-146679",
                "trust": 0.1,
                "value": "MEDIUM"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2019-33868"
          },
          {
            "db": "VULHUB",
            "id": "VHN-146679"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-007595"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201908-460"
          },
          {
            "db": "NVD",
            "id": "CVE-2019-14706"
          }
        ]
      },
      "description": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/description#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "A denial of service issue in HTTPD was discovered on MicroDigital N-series cameras with firmware through 6400.0.8.5. An attacker without authorization can upload a file to upload.php with a filename longer than 256 bytes. This will be placed in the updownload area. It will not be deleted, because of a buffer overflow in a Bash command string. MicroDigital N-series camera Contains a buffer error vulnerability.Service operation interruption (DoS) There is a possibility of being put into a state. MicroDigital N-series cameras are IP cameras launched by MicroDigital. \n\nMicroDigital N-series cameras have a buffer overflow vulnerability. An attacker could exploit this vulnerability to cause a denial of service",
        "sources": [
          {
            "db": "NVD",
            "id": "CVE-2019-14706"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-007595"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2019-33868"
          },
          {
            "db": "VULHUB",
            "id": "VHN-146679"
          }
        ],
        "trust": 2.25
      },
      "external_ids": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "db": "NVD",
            "id": "CVE-2019-14706",
            "trust": 3.1
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-007595",
            "trust": 0.8
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201908-460",
            "trust": 0.7
          },
          {
            "db": "CNVD",
            "id": "CNVD-2019-33868",
            "trust": 0.6
          },
          {
            "db": "VULHUB",
            "id": "VHN-146679",
            "trust": 0.1
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2019-33868"
          },
          {
            "db": "VULHUB",
            "id": "VHN-146679"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-007595"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201908-460"
          },
          {
            "db": "NVD",
            "id": "CVE-2019-14706"
          }
        ]
      },
      "id": "VAR-201908-0513",
      "iot": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": true,
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2019-33868"
          },
          {
            "db": "VULHUB",
            "id": "VHN-146679"
          }
        ],
        "trust": 1.7
      },
      "iot_taxonomy": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "category": [
              "IoT"
            ],
            "sub_category": null,
            "trust": 0.6
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2019-33868"
          }
        ]
      },
      "last_update_date": "2024-11-23T21:52:01.856000Z",
      "patch": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/patch#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "title": "Top Page (kr)",
            "trust": 0.8,
            "url": "http://www.microdigital.co.kr/"
          },
          {
            "title": "Top Page (ru)",
            "trust": 0.8,
            "url": "https://www.microdigital.ru/"
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-007595"
          }
        ]
      },
      "problemtype_data": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "problemtype": "CWE-119",
            "trust": 1.9
          }
        ],
        "sources": [
          {
            "db": "VULHUB",
            "id": "VHN-146679"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-007595"
          },
          {
            "db": "NVD",
            "id": "CVE-2019-14706"
          }
        ]
      },
      "references": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/references#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "trust": 2.5,
            "url": "https://pastebin.com/psyqqs1g"
          },
          {
            "trust": 2.0,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2019-14706"
          },
          {
            "trust": 1.7,
            "url": "http://www.microdigital.co.kr/"
          },
          {
            "trust": 1.7,
            "url": "https://www.microdigital.ru/"
          },
          {
            "trust": 0.8,
            "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2019-14706"
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2019-33868"
          },
          {
            "db": "VULHUB",
            "id": "VHN-146679"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-007595"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201908-460"
          },
          {
            "db": "NVD",
            "id": "CVE-2019-14706"
          }
        ]
      },
      "sources": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "db": "CNVD",
            "id": "CNVD-2019-33868"
          },
          {
            "db": "VULHUB",
            "id": "VHN-146679"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-007595"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201908-460"
          },
          {
            "db": "NVD",
            "id": "CVE-2019-14706"
          }
        ]
      },
      "sources_release_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2019-09-30T00:00:00",
            "db": "CNVD",
            "id": "CNVD-2019-33868"
          },
          {
            "date": "2019-08-06T00:00:00",
            "db": "VULHUB",
            "id": "VHN-146679"
          },
          {
            "date": "2019-08-15T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2019-007595"
          },
          {
            "date": "2019-08-06T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-201908-460"
          },
          {
            "date": "2019-08-06T23:15:12.757000",
            "db": "NVD",
            "id": "CVE-2019-14706"
          }
        ]
      },
      "sources_update_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2019-09-30T00:00:00",
            "db": "CNVD",
            "id": "CNVD-2019-33868"
          },
          {
            "date": "2019-08-14T00:00:00",
            "db": "VULHUB",
            "id": "VHN-146679"
          },
          {
            "date": "2019-08-15T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2019-007595"
          },
          {
            "date": "2019-08-15T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-201908-460"
          },
          {
            "date": "2024-11-21T04:27:11.197000",
            "db": "NVD",
            "id": "CVE-2019-14706"
          }
        ]
      },
      "threat_type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "remote",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-201908-460"
          }
        ],
        "trust": 0.6
      },
      "title": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/title#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "MicroDigital N-series camera Buffer error vulnerability in some firmware",
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-007595"
          }
        ],
        "trust": 0.8
      },
      "type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "buffer error",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-201908-460"
          }
        ],
        "trust": 0.6
      }
    }