PT-2012-5336 · Samsung · Stwconfignvr+2

Luigi Auriemma

Published

2012-08-14

Updated

2017-08-29

CVE-2012-4334

CVSS v2.0

High

Vector

AV:N/AC:L/Au:N/C:C/I:C/A:C

Name of the Vulnerable Software and Affected Versions Samsung NET-i viewer versions 1.37.120316

Description The issue allows remote attackers to execute arbitrary code. It is related to the ConnectDDNS method in the STWConfigNVR and STWConfig ActiveX controls.

Recommendations For Samsung NET-i viewer version 1.37.120316, consider disabling the ConnectDDNS method in the STWConfigNVR and STWConfig ActiveX controls as a temporary workaround until a patch is available. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Exploit

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Related Identifiers

CVE-2012-4334

Affected Products

Stwconfig

Stwconfignvr

Samsung Net-I Viewer

PT-2012-5336 · Samsung · Stwconfignvr+2

CVE-2012-4334

Related Identifiers

Affected Products

References · 6