TROYANOSYVIRUS
Retour aux CVEs

CVE-2021-3790

MEDIUM
6.5

Description

A buffer overflow was reported in the local web server of some Motorola-branded Binatone Hubble Cameras that could allow an unauthenticated attacker on the same network to perform a denial-of-service attack against the device.

Details CVE

Score CVSS v3.16.5
SeveriteMEDIUM
Vecteur CVSSCVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Vecteur d'attaqueADJACENT_NETWORK
ComplexiteLOW
Privileges requisNONE
Interaction utilisateurNONE
Publie11/12/2021
Derniere modification11/21/2024
Sourcenvd
Observations honeypot0

Produits affectes

binatoneglobal:cn28binatoneglobal:cn28_firmwarebinatoneglobal:cn40binatoneglobal:cn40_firmwarebinatoneglobal:cn50binatoneglobal:cn50_firmwarebinatoneglobal:cn75binatoneglobal:cn75_firmwarebinatoneglobal:comfort_40binatoneglobal:comfort_40_firmwarebinatoneglobal:comfort_50_connectbinatoneglobal:comfort_50_connect_firmwarebinatoneglobal:comfort_85_connectbinatoneglobal:comfort_85_connect_firmwarebinatoneglobal:connect_20binatoneglobal:connect_20_firmwarebinatoneglobal:connect_view_65binatoneglobal:connect_view_65_firmwarebinatoneglobal:ease44binatoneglobal:ease44_firmwarebinatoneglobal:focus_68binatoneglobal:focus_68_firmwarebinatoneglobal:focus_72rbinatoneglobal:focus_72r_firmwarebinatoneglobal:halo\+_camerabinatoneglobal:halo\+_camera_firmwarebinatoneglobal:lux_64binatoneglobal:lux_64_firmwarebinatoneglobal:lux_65binatoneglobal:lux_65_firmwarebinatoneglobal:lux_85_connectbinatoneglobal:lux_85_connect_firmwarebinatoneglobal:mbp3667binatoneglobal:mbp3667_firmwarebinatoneglobal:mbp3855binatoneglobal:mbp3855_firmwarebinatoneglobal:mbp4855binatoneglobal:mbp4855_firmwarebinatoneglobal:mbp669_connectbinatoneglobal:mbp669_connect_firmwarebinatoneglobal:mbp6855binatoneglobal:mbp6855_firmware

Faiblesses (CWE)

CWE-121CWE-120

References

https://binatoneglobal.com/security-advisory/(psirt@lenovo.com)
https://binatoneglobal.com/security-advisory/(af854a3a-2127-422b-91ae-364da2661108)

Correlations IOC

Aucune correlation enregistree

This product uses data from the NVD API but is not endorsed or certified by the NVD.