Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
iSmartViewPro 1.5 Buffer Overflow via SavePath Parameter
Vulnerability Description
iSmartViewPro 1.5 contains a structured exception handling (SEH) buffer overflow vulnerability in the 'Save Path for Snapshot and Record file' field that allows local attackers to execute arbitrary code. Attackers can input a crafted payload exceeding 260 bytes through the System Setup interface to overwrite SEH records and execute shellcode with application privileges.
CVSS Information
CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Vulnerability Type
未进行输入大小检查的缓冲区拷贝(传统缓冲区溢出)
Vulnerability Title
Smarteye iSmartViewPro 安全漏洞
Vulnerability Description
Smarteye iSmartViewPro是中国Smarteye公司的一个网络摄像头远程监控应用。 Smarteye iSmartViewPro 1.5版本存在安全漏洞,该漏洞源于Save Path for Snapshot and Record file字段存在结构化异常处理缓冲区溢出,可能导致本地攻击者通过System Setup界面输入超过260字节的构造有效载荷覆盖SEH记录并以应用程序权限执行shellcode。
CVSS Information
N/A
Vulnerability Type
N/A