CVE-2018-8072: Buffer Overflow
First published: Thu Apr 26 2018(Updated: )
An issue was discovered on EDIMAX IC-3140W through 3.06, IC-5150W through 3.09, and IC-6220DC through 3.06 devices. The ipcam_cgi binary contains a stack-based buffer overflow that is possible to trigger from a remote unauthenticated /camera-cgi/public/getsysyeminfo.cgi?action=VALUE_HERE HTTP request: if the VALUE_HERE length is more than 0x400 (1024), it is possible to overwrite other values located on the stack due to an incorrect use of the strcpy() function.
Credit: cve@mitre.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Edimax Ic-3140w Firmware | <=3.06 | |
| EDIMAX IC-3140W | ||
| Edimax Ic-5150w Firmware | <=3.09 | |
| Edimax Ic-5150w | ||
| Edimax Ic-6220dc Firmware | <=3.06 | |
| Edimax IC-6220DC |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- https://gitlab.com/nemux/CVE-2018-8072/blob/master/CVE-2018-8072_PoC.txt
- https://gitlab.com/nemux/CVE-2018-8072/blob/master/nemux_codemotion_Rome18_cover.pdf
- https://www.edimax.com/edimax/download/download/data/edimax/uk/download/for_home/home_network_cameras/home_network_cameras_indoor_fixed/ic-3140w
- https://www.nemux.org/2018/04/24/cve-2018-8072/
- agent/references
- agent/type
- agent/remedy
- agent/softwarecombine
- collector/mitre-cve
- source/MITRE
- agent/severity
- agent/author
- agent/last-modified-date
- agent/weakness
- agent/tags
- agent/description
- agent/first-publish-date
- agent/event
- collector/nvd-index
- agent/software-canonical-lookup-request
- vendor/edimax
- canonical/edimax ic-3140w firmware
- version/edimax ic-3140w firmware/3.06
- canonical/edimax ic-3140w
- canonical/edimax ic-5150w firmware
- version/edimax ic-5150w firmware/3.09
- canonical/edimax ic-5150w
- canonical/edimax ic-6220dc firmware
- version/edimax ic-6220dc firmware/3.06
- canonical/edimax ic-6220dc