CVE-2022-3001
7.5
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Summary
This vulnerability exists in Milesight Video Management Systems (VMS), all firmware versions prior to 40.7.0.79-r1, due to improper input handling at camera’s web-based management interface. A remote attacker could exploit this vulnerability by sending a specially crafted http request on the targeted network camera. Successful exploitation of this vulnerability could allow the attacker to cause a Denial of Service condition on the targeted device.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| Milesight | Video Management Systems | VMS < 40.7.0.79-r1 | affected |
Weaknesses
- CWE-20: CWE-20 Improper Input Validation
ADP Enrichment
CVE Program Container
Additional References
References
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.