CVE-2019-14698 — CRITICAL (9.8)

Q: How severe is CVE-2019-14698?

CVE-2019-14698 has been rated CRITICAL with a CVSS base score of 9.8/10. This is considered a critical vulnerability requiring immediate attention.

Q: Is there a patch for CVE-2019-14698?

Check the references section above for vendor advisories and patch information. Affected products include: Microdigital Mdc-N4090 Firmware, Microdigital Mdc-N4090, Microdigital Mdc-N4090W Firmware, Microdigital Mdc-N4090W, Microdigital Mdc-N2190V Firmware.

Vulnerability Description

An issue was discovered on MicroDigital N-series cameras with firmware through 6400.0.8.5. In a CGI program running under the HTTPD web server, a buffer overflow in the param parameter leads to remote code execution in the context of the nobody account.

CVSS Score

9.8

CRITICAL

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality

HIGH

Integrity

HIGH

Availability

HIGH

Affected Products

Vendor	Product	Versions
Microdigital	Mdc-N4090 Firmware	<= 6400.0.8.5
Microdigital	Mdc-N4090	-
Microdigital	Mdc-N4090W Firmware	<= 6400.0.8.5
Microdigital	Mdc-N4090W	-
Microdigital	Mdc-N2190V Firmware	<= 6400.0.8.5
Microdigital	Mdc-N2190V	-

Related Weaknesses (CWE)

CWE-119

References

http://www.microdigital.co.kr/Vendor Advisory
https://pastebin.com/PSyqqs1gThird Party Advisory
https://www.microdigital.ru/Vendor Advisory
http://www.microdigital.co.kr/Vendor Advisory
https://pastebin.com/PSyqqs1gThird Party Advisory
https://www.microdigital.ru/Vendor Advisory

FAQ

What is CVE-2019-14698?

CVE-2019-14698 is a vulnerability with a CVSS score of 9.8 (CRITICAL). An issue was discovered on MicroDigital N-series cameras with firmware through 6400.0.8.5. In a CGI program running under the HTTPD web server, a buffer overflow in the param parameter leads to remote...

How severe is CVE-2019-14698?

CVE-2019-14698 has been rated CRITICAL with a CVSS base score of 9.8/10. This is considered a critical vulnerability requiring immediate attention.

Is there a patch for CVE-2019-14698?

Check the references section above for vendor advisories and patch information. Affected products include: Microdigital Mdc-N4090 Firmware, Microdigital Mdc-N4090, Microdigital Mdc-N4090W Firmware, Microdigital Mdc-N4090W, Microdigital Mdc-N2190V Firmware.