2024-12-03 19:03:35 +00:00
{
"id" : "CVE-2024-52547" ,
"sourceIdentifier" : "cve@rapid7.com" ,
"published" : "2024-12-03T18:15:15.860" ,
2024-12-03 23:03:39 +00:00
"lastModified" : "2024-12-03T21:15:07.707" ,
2024-12-08 03:06:42 +00:00
"vulnStatus" : "Awaiting Analysis" ,
2024-12-03 19:03:35 +00:00
"cveTags" : [ ] ,
"descriptions" : [
{
"lang" : "en" ,
"value" : "An authenticated attacker can trigger a stack based buffer overflow in the DHIP Service (TCP port 80). This vulnerability has been resolved in firmware version 2.800.0000000.8.R.20241111."
2024-12-08 03:06:42 +00:00
} ,
{
"lang" : "es" ,
"value" : " Un atacante autenticado puede provocar un desbordamiento de b\u00fafer en la regi\u00f3n stack de la memoria en el servicio DHIP (puerto TCP 80). Esta vulnerabilidad se ha resuelto en la versi\u00f3n de firmware 2.800.0000000.8.R.20241111."
2024-12-03 19:03:35 +00:00
}
] ,
"metrics" : {
"cvssMetricV31" : [
{
"source" : "cve@rapid7.com" ,
"type" : "Secondary" ,
"cvssData" : {
"version" : "3.1" ,
"vectorString" : "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H" ,
"baseScore" : 7.2 ,
"baseSeverity" : "HIGH" ,
"attackVector" : "NETWORK" ,
"attackComplexity" : "LOW" ,
"privilegesRequired" : "HIGH" ,
"userInteraction" : "NONE" ,
"scope" : "UNCHANGED" ,
"confidentialityImpact" : "HIGH" ,
"integrityImpact" : "HIGH" ,
"availabilityImpact" : "HIGH"
} ,
"exploitabilityScore" : 1.2 ,
"impactScore" : 5.9
}
]
} ,
"weaknesses" : [
{
"source" : "cve@rapid7.com" ,
"type" : "Secondary" ,
"description" : [
{
"lang" : "en" ,
"value" : "CWE-787"
}
]
}
] ,
"references" : [
{
"url" : "https://github.com/sfewer-r7/LorexExploit" ,
"source" : "cve@rapid7.com"
2024-12-03 23:03:39 +00:00
} ,
{
"url" : "https://www.rapid7.com/blog/post/2024/12/03/lorex-2k-indoor-wi-fi-security-camera-multiple-vulnerabilities-fixed/" ,
"source" : "cve@rapid7.com"
2024-12-03 19:03:35 +00:00
}
]
}
