PT-2014-2887 · Avtech · Avtech Avn801 Dvr

Anibal Sacco · Published 2014-03-03 · Updated 2014-03-04 · CVE-2013-4980

CVSS v2.0: 9.0 (High)

Vector: AV:N/AC:L/Au:N/C:P/I:P/A:C

Name of the Vulnerable Software and Affected Versions

AVTECH AVN801 DVR versions 1017-1003-1009-1003 and earlier

Description

The issue is a buffer overflow in the RTSP Packet Handler. It can be triggered by a long string in the URI of an RTSP SETUP request, such as "/rtsp/setup". This can cause a denial of service (device crash) and potentially allow the execution of arbitrary code.

Recommendations

For AVTECH AVN801 DVR versions 1017-1003-1009-1003 and earlier, update the firmware to a version later than 1017-1003-1009-1003 to resolve the issue. As a temporary workaround, consider restricting access to the RTSP SETUP request to minimize the risk of exploitation.

Exploit

Fix

Buffer Overflow

Weakness Enumeration

Related Identifiers

CVE-2013-4980

Affected Products

Avtech Avn801 Dvr