CVE-2018-25297
MEDIUMWansview 1.0.2 Denial of Service via Buffer Overflow
Title source: cnaExploitation Summary
EIP tracks 1 public exploit for CVE-2018-25297. PoCs published by Gionathan Reale.
AI-analyzed exploit summary This Python script generates a buffer overflow payload to trigger a Denial of Service (DoS) in Wansview 1.0.2 by overwriting input fields with a large string of 'A' characters. The exploit creates a file 'exploit.txt' containing the payload, which is then manually pasted into the 'Camera name' and 'DID number' fields during camera addition.
Description
Wansview 1.0.2 contains a buffer overflow vulnerability that allows local attackers to crash the application by supplying oversized input strings. Attackers can inject 2000-byte payloads into the Camera name and DID number fields during camera addition to trigger application crashes.
Exploits (1)
This Python script generates a buffer overflow payload to trigger a Denial of Service (DoS) in Wansview 1.0.2 by overwriting input fields with a large string of 'A' characters. The exploit creates a file 'exploit.txt' containing the payload, which is then manually pasted into the 'Camera name' and 'DID number' fields during camera addition.
References (2)
Scores
CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H