Description
Stack-based buffer overflow in UltraCamLib in the UltraCam ActiveX Control (UltraCamX.ocx) for the TRENDnet SecurView camera TV-IP422WN allows remote attackers to execute arbitrary code via a long string to the (1) CGI_ParamSet, (2) OpenFileDlg, (3) SnapFileName, (4) Password, (5) SetCGIAPNAME, (6) AccountCode, or (7) RemoteHost function.
Exploits (1)
References (5)
Core 5
Core References
Third Party Advisory, VDB Entry vdb-entry
x_refsource_xf
https://exchange.xforce.ibmcloud.com/vulnerabilities/98948
Exploit vdb-entry
x_refsource_bid
http://www.securityfocus.com/bid/71292
Exploit x_refsource_misc
http://www.zeroscience.mk/codes/trendnet_bof.txt
Exploit x_refsource_misc
http://www.zeroscience.mk/en/vulnerabilities/ZSL-2014-5211.php
Exploit, Third Party Advisory x_refsource_misc
http://packetstormsecurity.com/files/129262/TRENDnet-SecurView-Wireless-Network-Camera-TV-IP422WN-Buffer-Overflow.html
Scores
EPSS
0.2082
EPSS Percentile
95.6%
Details
CWE
CWE-119
Status
published
Products (2)
trendnet/tv-ip422w
trendnet/tv-ip422wn
Published
Jan 13, 2015
Tracked Since
Feb 18, 2026