CVE-2013-4977

Name of the Vulnerable Software and Affected Versions Hikvision DS-2CD7153-E IP camera version 4.1.0 b130111

Description The issue is related to a buffer overflow in the RTSP Packet Handler, which can be triggered by a long string in the Range header field in an RTSP transaction. This can cause a denial of service, resulting in a device crash and reboot, and potentially allow the execution of arbitrary code.

Recommendations For Hikvision DS-2CD7153-E IP camera version 4.1.0 b130111, consider restricting access to the RTSP Packet Handler until a patch is available. As a temporary workaround, avoid using long strings in the Range header field in RTSP transactions to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.