Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
A buffer overflow in the RTSP service of the Ambarella Oryx RTSP Server 2020-01-07 allows an unauthenticated attacker to send a crafted RTSP request, with a long digest authentication header, to execute arbitrary code in parse_authentication_header() in libamprotocol-rtsp.so.1 in rtsp_svc (or cause a crash). This allows remote takeover of a Furbo Dog Camera, for example. NOTE: The vendor states that the RTSP library is used for DEMO only, using it in product is a customer's behavior. Ambarella has emphasized that RTSP is DEMO only library, should NOT be used in product in our document. Because Ambarella's SDK is proprietary, we didn't publish our SDK source code in public network.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Ambarella Oryx RTSP Server 缓冲区错误漏洞
Vulnerability Description
Ambarella Oryx RTSP Server是美国Ambarella公司的一个应用软件。通过从高分辨率视频流中提取有价值的数据,使相机更加智能。 Ambarella Oryx RTSP Server 2020-01-07 存在缓冲区错误漏洞,该漏洞允许未经认证的攻击者可利用该漏洞发送一个精心制作的RTSP请求,带有一个长摘要认证头,以执行libamprotocol- RTSP . . o中的解析认证头()中的任意代码。1在RTSP SVC(或导致崩溃)。例如,这允许远程接管Furbo的狗相机。
CVSS Information
N/A
Vulnerability Type
N/A