CVE-2013-4981

Name of the Vulnerable Software and Affected Versions AVTECH AVN801 DVR versions 1017-1003-1009-1003 and earlier

Description A buffer overflow issue exists in the cgi-bin/user/Config.cgi component, allowing remote attackers to potentially cause a denial of service (device crash) and possibly execute arbitrary code. This is achieved by sending a long string in the Network.SMTP.Receivers parameter.

Recommendations For AVTECH AVN801 DVR versions 1017-1003-1009-1003 and earlier, consider restricting access to the cgi-bin/user/Config.cgi component until a fix is available, and avoid using long strings in the Network.SMTP.Receivers parameter to minimize the risk of exploitation.