CVE-2019-11878

An issue was discovered on XiongMai Besder IP20H1 V4.02.R12.00035520.12012.047500.00200 cameras. An attacker on the same local network as the camera can craft a message with a size field larger than 0x80000000 and send it to the camera, related to an integer overflow or use of a negative number. This then crashes the camera for about 120 seconds.

MISC: http://blog.0x42424242.in/2019/04/besder-investigative-journey-part-1_24.html
MISC: https://www.youtube.com/watch?v=SnyPJtDDMFQ
CVE: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11878

14 years
256 countries
683k users
4525k calculations
Logo www.kelcom.cz
Logo zoneway.cz
Logo www.eleksys.cz
Logo ipcamtalk.com
Logo www.clarecontrols.com
Logo www.systemy-stech.cz