PT-2020-7583 · Swann · Swann Dvr-16Cif+3

Someluser

Published

2020-03-21

Updated

2020-03-25

CVE-2013-7487

CVSS v2.0

6.8

Medium

Vector

AV:N/AC:M/Au:N/C:P/I:P/A:P

Name of the Vulnerable Software and Affected Versions Swann DVR04B, DVR08B, DVR-16CIF, and DVR16B devices (affected versions not specified)

Description The raysharpdvr application has a vulnerable call to system, which allows remote attackers to execute arbitrary code via TCP port 9000. This issue affects Swann DVR devices and can be exploited by remote attackers.

Recommendations For Swann DVR04B, DVR08B, DVR-16CIF, and DVR16B devices, consider restricting access to TCP port 9000 as a temporary workaround until a patch is available. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Exploit

Special Elements Injection

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-74

Related Identifiers

CVE-2013-7487

Affected Products

Swann Dvr-16Cif

Swann Dvr04B

Swann Dvr08B

Swann Dvr16B

PT-2020-7583 · Swann · Swann Dvr-16Cif+3

CVE-2013-7487

Weakness Enumeration

Related Identifiers

Affected Products

References · 4