CVE-2023-5038

June 25, 2024, 12:24 p.m.

Tags

CWE-248
2024-06-25
CVE-2023-5038
fc9afe74-3f80-4fb7-a313-e6f036a89882

Product(s) Impacted

UNKNOWN

Description

badmonkey, a Security Researcher has found a flaw that allows for a unauthenticated DoS attack on the camera. An attacker runs a crafted URL, nobody can access the web management page of the camera. and must manually restart the device or re-power it. The manufacturer has released patch firmware for the flaw, please refer to the manufacturer's report for details and workarounds.

Weaknesses

CWE-248
Uncaught Exception

An exception is thrown from a function, but it is not caught.

CWE ID: 248

Date

Published: June 25, 2024, 3:15 a.m.

Last Modified: June 25, 2024, 12:24 p.m.

Status : Awaiting Analysis

CVE has been recently published to the CVE List and has been received by the NVD.

More info

Source

fc9afe74-3f80-4fb7-a313-e6f036a89882

References

https://www.hanwhavision.com/wp-content/uploads/2024/06/Camera-Vulnerability-Report-CVE-2023-5037-5038.pdf
fc9afe74-3f80-4fb7-a313-e6f036a89882