CVE-2015-2098
HIGHWebgateinc Edvr Manager - Buffer Overflow
Title source: ruleDescription
Multiple stack-based buffer overflows in WebGate eDVR Manager allow remote attackers to execute arbitrary code via unspecified vectors to the (1) Connect, (2) ConnectEx, or (3) ConnectEx2 function in the WESPEvent.WESPEventCtrl.1 control; (4) AudioOnlySiteChannel function in the WESPPlayback.WESPPlaybackCtrl.1 control; (5) Connect or (6) ConnectEx function in the WESPPTZ.WESPPTZCtrl.1 control; (7) SiteChannel property in the WESPPlayback.WESPPlaybackCtrl.1 control; (8) SiteName property in the WESPPlayback.WESPPlaybackCtrl.1 control; or (9) OpenDVrSSite function in the WESPPTZ.WESPPTZCtrl.1 control.
Exploits (3)
exploitdb
WORKING POC
VERIFIED
by Praveen Darshanam · htmlremotewindows
https://www.exploit-db.com/exploits/36606
exploitdb
WORKING POC
VERIFIED
by Praveen Darshanam · htmlremotewindows
https://www.exploit-db.com/exploits/36603
exploitdb
WORKING POC
by Praveen Darshanam · htmlremotewindows
https://www.exploit-db.com/exploits/36519
References (6)
Scores
CVSS v3
8.8
EPSS
0.4151
EPSS Percentile
97.4%
Attack Vector
NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
Details
CWE
CWE-120
Status
published
Products (1)
webgateinc/edvr_manager
Published
Jul 22, 2021
Tracked Since
Feb 18, 2026