CVE-2018-18601

HIGH

Guardzilla GZ621W Firmware 0.5.1.4 - Buffer Overflow in TK_set_deviceModel_req_handle

Title source: llm

Description

The TK_set_deviceModel_req_handle function in the cloud communication component in Guardzilla GZ621W devices with firmware 0.5.1.4 has a Buffer Overflow.

References (1)

Core 1

Core References

Third Party Advisory x_refsource_misc

https://labs.bitdefender.com/2018/12/iot-report-major-flaws-in-guardzilla-cameras-allow-remote-hijack-of-the-security-device/

Scores

CVSS v3 8.1

EPSS 0.0115

EPSS Percentile 63.0%

Attack Vector NETWORK

CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

CISA SSVC

Vulnrichment

Exploitation none

Automatable no

Technical Impact total

Details

CWE

CWE-119

Status published

Products (1)

guardzilla/gz621w_firmware 0.5.1.4

Published Dec 31, 2018

Tracked Since Feb 18, 2026