CVE-2019-6973

HIGH

Sricam IP CCTV - DoS

Title source: llm

Description

Sricam IP CCTV cameras are vulnerable to denial of service via multiple incomplete HTTP requests because the web server (based on gSOAP 2.8.x) is configured for an iterative queueing approach (aka non-threaded operation) with a timeout of several seconds.

Exploits (1)

exploitdb WORKING POC

by Andrew Watson · bashdoshardware

https://www.exploit-db.com/exploits/46261

View Code ZIP pw:eip

References (3)

[Exploit, Third Party Advisory, VDB Entry] http://packetstormsecurity.com/files/151377/Sricam-gSOAP-2.8-Denial-Of-Service.html

[Third Party Advisory] https://github.com/bitfu/sricam-gsoap2.8-dos-exploit

[Exploit, Third Party Advisory, VDB Entry] https://www.exploit-db.com/exploits/46261/

Scores

CVSS v3 7.5

EPSS 0.1254

EPSS Percentile 94.0%

Attack Vector NETWORK

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Details

Status published

Products (1)

genivia/gsoap 2.8.0

Published Mar 21, 2019

Tracked Since Feb 18, 2026