CVE-2024-41883
Dec. 24, 2024, 6:15 a.m.
Tags
Product(s) Impacted
NVR
Description
Team ENVY, a Security Research TEAM has found a flaw that allows for a remote code execution on the NVR . An attacker enters a special value for a specific URL parameter, resulting in a NULL pointer reference and a reboot of the NVR. The manufacturer has released patch firmware for the flaw, please refer to the manufacturer's report for details and workarounds.
Weaknesses
CWE-476
NULL Pointer Dereference
A NULL pointer dereference occurs when the application dereferences a pointer that it expects to be valid, but is NULL, typically causing a crash or exit.
CWE ID: 476Date
Published: Dec. 24, 2024, 6:15 a.m.
Last Modified: Dec. 24, 2024, 6:15 a.m.
Status : Received
CVE has been recently published to the CVE List and has been received by the NVD.
More infoSource
fc9afe74-3f80-4fb7-a313-e6f036a89882