VAR-201909-1498
Vulnerability from variot - Updated: 2024-11-23 22:05
An issue was discovered in NVR WebViewer on Hanwha Techwin SRN-472s 1.07_190502 devices, and other SRN-x devices before 2019-05-03. A system crash and reboot can be achieved by submitting a long username in excess of 117 characters. The username triggers a buffer overflow in the main process controlling operation of the DVR system, rendering services unavailable during the reboot operation. A repeated attack affects availability as long as the attacker has network access to the device. Hanwha Techwin SRN-472s and SRN-x devices contain a buffer error vulnerability that may result in service interruption (DoS). Hanwha Techwin SRN-472s is a network video recorder produced by Hanwha Techwin in Korea. NVR WebViewer is the web-based surveillance video management system that runs on it. The NVR WebViewer in Hanwha Techwin SRN-472s version 1.07_190502 and other SRN series products (before 2019-05-03) has a buffer error vulnerability. This vulnerability stems from incorrect verification of data boundaries when the network system or product performs operations on memory, resulting in incorrect read and write operations to other associated memory locations. Attackers can exploit this vulnerability to cause a buffer overflow or heap overflow, etc. The CVSS vectors recorded in this entry rate the impact as availability only (C:N/I:N/A:H for CVSS 3.0), with network access and no authentication required.
{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201909-1498",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "srn-873s",
"scope": "lt",
"trust": 1.0,
"vendor": "hanwha security",
"version": "2019-05-03"
},
{
"model": "srn-472s",
"scope": "eq",
"trust": 1.0,
"vendor": "hanwha security",
"version": "1.07_190502"
},
{
"model": "srn-1673s",
"scope": "lt",
"trust": 1.0,
"vendor": "hanwha security",
"version": "2019-05-03"
},
{
"model": "srn-1673s",
"scope": "eq",
"trust": 0.8,
"vendor": "hanwha techwin",
"version": "2019/05/03"
},
{
"model": "srn-472s",
"scope": "eq",
"trust": 0.8,
"vendor": "hanwha techwin",
"version": "1.07_190502"
},
{
"model": "srn-873s",
"scope": "eq",
"trust": 0.8,
"vendor": "hanwha techwin",
"version": "2019/05/03"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2019-008962"
},
{
"db": "NVD",
"id": "CVE-2019-12223"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/o:hanwhasecurity:srn-1673s_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:hanwhasecurity:srn-472s_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:hanwhasecurity:srn-873s_firmware",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2019-008962"
}
]
},
"cve": "CVE-2019-12223",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "COMPLETE",
"baseScore": 7.8,
"confidentialityImpact": "NONE",
"exploitabilityScore": 10.0,
"id": "CVE-2019-12223",
"impactScore": 6.9,
"integrityImpact": "NONE",
"severity": "HIGH",
"trust": 1.8,
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "COMPLETE",
"baseScore": 7.8,
"confidentialityImpact": "NONE",
"exploitabilityScore": 10.0,
"id": "VHN-143948",
"impactScore": 6.9,
"integrityImpact": "NONE",
"severity": "HIGH",
"trust": 0.1,
"vectorString": "AV:N/AC:L/AU:N/C:N/I:N/A:C",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "nvd@nist.gov",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"exploitabilityScore": 3.9,
"id": "CVE-2019-12223",
"impactScore": 3.6,
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.8,
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2019-12223",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "NVD",
"id": "CVE-2019-12223",
"trust": 0.8,
"value": "High"
},
{
"author": "CNNVD",
"id": "CNNVD-201909-213",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "VULHUB",
"id": "VHN-143948",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-143948"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-008962"
},
{
"db": "CNNVD",
"id": "CNNVD-201909-213"
},
{
"db": "NVD",
"id": "CVE-2019-12223"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "An issue was discovered in NVR WebViewer on Hanwah Techwin SRN-472s 1.07_190502 devices, and other SRN-x devices before 2019-05-03. A system crash and reboot can be achieved by submitting a long username in excess of 117 characters. The username triggers a buffer overflow in the main process controlling operation of the DVR system, rendering services unavailable during the reboot operation. A repeated attack affects availability as long as the attacker has network access to the device. Hanwah Techwin SRN-472s and SRN-x The device contains a buffer error vulnerability.Service operation interruption (DoS) There is a possibility of being put into a state. Hanwah Techwin SRN-472s is a network video recorder produced by Hanwah Techwin in Korea. NVR WebViewer is a set of web-based surveillance video management system running in it. The NVR WebViewer in Hanwah Techwin SRN-472s version 1.07_190502 and other SRN series products (before 2019-05-03) has a buffer error vulnerability. This vulnerability stems from the incorrect verification of data boundaries when the network system or product performs operations on the memory, resulting in incorrect read and write operations to other associated memory locations. Attackers can exploit this vulnerability to cause buffer overflow or heap overflow, etc",
"sources": [
{
"db": "NVD",
"id": "CVE-2019-12223"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-008962"
},
{
"db": "VULHUB",
"id": "VHN-143948"
}
],
"trust": 1.71
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2019-12223",
"trust": 2.5
},
{
"db": "JVNDB",
"id": "JVNDB-2019-008962",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201909-213",
"trust": 0.7
},
{
"db": "VULHUB",
"id": "VHN-143948",
"trust": 0.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-143948"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-008962"
},
{
"db": "CNNVD",
"id": "CNNVD-201909-213"
},
{
"db": "NVD",
"id": "CVE-2019-12223"
}
]
},
"id": "VAR-201909-1498",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-143948"
}
],
"trust": 0.01
},
"last_update_date": "2024-11-23T22:05:59.643000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "SRN-472S",
"trust": 0.8,
"url": "https://www.hanwha-security.com/en/products/video-recorder/nvr/ch4/SRN-472S/overview/"
},
{
"title": "Hanwah Techwin SRN-472s and other SRN Series products NVR WebViewer Security vulnerabilities",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=97971"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2019-008962"
},
{
"db": "CNNVD",
"id": "CNNVD-201909-213"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-119",
"trust": 1.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-143948"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-008962"
},
{
"db": "NVD",
"id": "CVE-2019-12223"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.5,
"url": "https://gist.github.com/dustinnoe/66f91573a0080c9fb2c21819d8805a82"
},
{
"trust": 1.7,
"url": "https://www.hanwha-security.com/en/products/video-recorder/nvr/ch4/srn-472s/overview/"
},
{
"trust": 1.4,
"url": "https://nvd.nist.gov/vuln/detail/cve-2019-12223"
},
{
"trust": 1.0,
"url": "https://medium.com/%40noe.dustin/samsung-webviewer-remote-dos-vulberability-cve-2019-12223-5f4afbc83fbd"
},
{
"trust": 0.8,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2019-12223"
},
{
"trust": 0.7,
"url": "https://medium.com/@noe.dustin/samsung-webviewer-remote-dos-vulberability-cve-2019-12223-5f4afbc83fbd"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-143948"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-008962"
},
{
"db": "CNNVD",
"id": "CNNVD-201909-213"
},
{
"db": "NVD",
"id": "CVE-2019-12223"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULHUB",
"id": "VHN-143948"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-008962"
},
{
"db": "CNNVD",
"id": "CNNVD-201909-213"
},
{
"db": "NVD",
"id": "CVE-2019-12223"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2019-09-05T00:00:00",
"db": "VULHUB",
"id": "VHN-143948"
},
{
"date": "2019-09-10T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2019-008962"
},
{
"date": "2019-09-05T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201909-213"
},
{
"date": "2019-09-05T15:15:11.783000",
"db": "NVD",
"id": "CVE-2019-12223"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2019-09-06T00:00:00",
"db": "VULHUB",
"id": "VHN-143948"
},
{
"date": "2019-09-10T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2019-008962"
},
{
"date": "2019-09-09T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201909-213"
},
{
"date": "2024-11-21T04:22:27.613000",
"db": "NVD",
"id": "CVE-2019-12223"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201909-213"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Hanwah Techwin SRN-472s and SRN-x Device buffer error vulnerability",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2019-008962"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "buffer error",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201909-213"
}
],
"trust": 0.6
}
}