First published: Tue Aug 06 2019(Updated: )
An issue was discovered on MicroDigital N-series cameras with firmware through 6400.0.8.5. The firmware update process is insecure, leading to remote code execution. The attacker can provide arbitrary firmware in a .dat file via a webparam?system&action=set&upgrade URI.
Credit: cve@mitre.org
Affected Software | Affected Version | How to fix |
---|---|---|
Microdigital Mdc-n4090 Firmware | <=6400.0.8.5 | |
Microdigital Mdc-n4090 | ||
Microdigital Mdc-n4090w Firmware | <=6400.0.8.5 | |
Microdigital Mdc-n4090w | ||
Microdigital Mdc-n2190v Firmware | <=6400.0.8.5 | |
Microdigital Mdc-n2190v |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
The vulnerability ID for this issue is CVE-2019-14707.
The affected software is MicroDigital N-series cameras with firmware up to version 6400.0.8.5.
The severity of CVE-2019-14707 is high, with a severity value of 7.2.
This vulnerability allows remote code execution through an insecure firmware update process.
The attacker can exploit this vulnerability by providing arbitrary firmware in a .dat file via a specific URI.