CVE-2014-8756
medium
CVSS v3
—
CVSS v2
6.8
VIR risk
6.8
Description
The NcrCtl4.NcrNet.1 control in Panasonic Network Camera Recorder before 4.04R03 allows remote attackers to execute arbitrary code via a crafted GetVOLHeader method call, which writes null bytes to an arbitrary address.
Predictions
Exploit likelihood
20%
Patch ETA
—
Heuristic predictions, AS-IS, for prioritization only.
Mitigations
Vendor advisory: cve@mitre.org — http://panasonic.net/pcc/cgi-bin/products/netwkcam/download_us/tbookmarka_m.cgi?m=%20&mm=2010073014092324
References
- http://panasonic.net/pcc/cgi-bin/products/netwkcam/download_us/tbookmarka_m.cgi?m=%20&mm=2010073014092324
- http://www.zerodayinitiative.com/advisories/ZDI-14-363/
- http://panasonic.net/pcc/cgi-bin/products/netwkcam/download_us/tbookmarka_m.cgi?m=%20&mm=2010073014092324
- http://www.zerodayinitiative.com/advisories/ZDI-14-363/
Verify integrity in audit chain (admin only). AS-IS.