CVE-2021-27232

HIGH

Pelco Digital Sentry Server 7.18.72.11464 - Buffer Overflow

Title source: llm
STIX 2.1

Description

The RTSPLive555.dll ActiveX control in Pelco Digital Sentry Server 7.18.72.11464 has a SetCameraConnectionParameter stack-based buffer overflow. This can be exploited by a remote attacker to potentially execute arbitrary attacker-supplied code. The victim would have to visit a malicious webpage using Internet Explorer where the exploit could be triggered.

Scores

CVSS v3 8.8
EPSS 0.0174
EPSS Percentile 75.0%
Attack Vector NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Details

CWE
CWE-787
Status published
Products (1)
pelco/digital_sentry_server 7.18.72.11464
Published Feb 16, 2021
Tracked Since Feb 18, 2026