CVE-2022-3001

Name of the Vulnerable Software and Affected Versions Milesight Video Management Systems (VMS) versions prior to 40.7.0.79-r1

Description The issue is caused by improper input handling at the camera's web-based management interface. A remote attacker could exploit this by sending a specially crafted HTTP request to the targeted network camera, potentially causing a Denial of Service condition on the device.

Recommendations For versions prior to 40.7.0.79-r1, update to version 40.7.0.79-r1 or later to resolve the issue. As a temporary workaround, consider restricting access to the web-based management interface to minimize the risk of exploitation.