cve/2019/CVE-2019-6973.md

### [CVE-2019-6973](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-6973)
![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue)
![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue)
![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen)

### Description

Sricam IP CCTV cameras are vulnerable to denial of service via multiple incomplete HTTP requests because the web server (based on gSOAP 2.8.x) is configured for an iterative queueing approach (aka non-threaded operation) with a timeout of several seconds.

### POC

#### Reference
- http://packetstormsecurity.com/files/151377/Sricam-gSOAP-2.8-Denial-Of-Service.html
- https://github.com/bitfu/sricam-gsoap2.8-dos-exploit
- https://www.exploit-db.com/exploits/46261/

#### Github
- https://github.com/ARPSyndicate/cvemon
Update Sun May 26 14:27:04 CEST 2024 2024-05-26 14:27:05 +02:00			`### [CVE-2019-6973](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-6973)`
			`![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue)`
			`![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue)`
			`![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen)`

			`### Description`

			`Sricam IP CCTV cameras are vulnerable to denial of service via multiple incomplete HTTP requests because the web server (based on gSOAP 2.8.x) is configured for an iterative queueing approach (aka non-threaded operation) with a timeout of several seconds.`

			`### POC`

			`#### Reference`
			`- http://packetstormsecurity.com/files/151377/Sricam-gSOAP-2.8-Denial-Of-Service.html`
			`- https://github.com/bitfu/sricam-gsoap2.8-dos-exploit`
			`- https://www.exploit-db.com/exploits/46261/`

			`#### Github`
			`- https://github.com/ARPSyndicate/cvemon`