1. Home
  2. CVE Database
  3. CVE-2023-45225
CRITICAL · 9.8

CVE-2023-45225

Zavio CF7500, CF7300, CF7201, CF7501, CB3211, CB3212, CB5220, CB6231, B8520, B8220, and CD321 IP Cameras  with firmware version M2.1.6.05 are vulnerable to multiple instances of stack-based overfl...

Vulnerability Description

Zavio CF7500, CF7300, CF7201, CF7501, CB3211, CB3212, CB5220, CB6231, B8520, B8220, and CD321 IP Cameras  with firmware version M2.1.6.05 are vulnerable to multiple instances of stack-based overflows. While parsing certain XML elements from incoming network requests, the product does not sufficiently check or validate allocated buffer size. This may lead to remote code execution.

CVSS Score

9.8

CRITICAL

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality
HIGH
Integrity
HIGH
Availability
HIGH

Affected Products

VendorProductVersions
ZavioCf7500 Firmwarem2.1.6.05
ZavioCf7500-
ZavioCf7300 Firmwarem2.1.6.05
ZavioCf7300-
ZavioCf7201 Firmwarem2.1.6.05
ZavioCf7201-
ZavioCf7501 Firmwarem2.1.6.05
ZavioCf7501-
ZavioCb3211 Firmwarem2.1.6.05
ZavioCb3211-
ZavioCb3212 Firmwarem2.1.6.05
ZavioCb3212-
ZavioCb5220 Firmwarem2.1.6.05
ZavioCb5220-
ZavioCb6231 Firmwarem2.1.6.05
ZavioCb6231-
ZavioB8520 Firmwarem2.1.6.05
ZavioB8520-
ZavioB8220 Firmwarem2.1.6.05
ZavioB8220-

Related Weaknesses (CWE)

CWE-121CWE-787

References

FAQ

What is CVE-2023-45225?

CVE-2023-45225 is a vulnerability with a CVSS score of 9.8 (CRITICAL). Zavio CF7500, CF7300, CF7201, CF7501, CB3211, CB3212, CB5220, CB6231, B8520, B8220, and CD321 IP Cameras  with firmware version M2.1.6.05 are vulnerable to multiple instances of stack-based overfl...

How severe is CVE-2023-45225?

CVE-2023-45225 has been rated CRITICAL with a CVSS base score of 9.8/10. This is considered a critical vulnerability requiring immediate attention.

Is there a patch for CVE-2023-45225?

Check the references section above for vendor advisories and patch information. Affected products include: Zavio Cf7500 Firmware, Zavio Cf7500, Zavio Cf7300 Firmware, Zavio Cf7300, Zavio Cf7201 Firmware.