Axis Camera Multiple Products RCE (Devil's Ivy)

high Nessus Network Monitor Plugin ID 7279

Synopsis

The Remote host is vulnerable to a remote code execution vulnerability.

Description

The remote host is vulnerable to a flaw which allows a remote attacker to control the system. The flaw, nicknamed Devil's Ivy stems from a buffer overflow in the gSoap component.

Solution

The vendor has released a patch to address this issue.

Plugin Details

Severity: High

ID: 7279

Version: 1.0

Family: IoT

Published: 7/19/2017

Updated: 8/16/2018

Risk Information

VPR

Risk Factor: Medium

Score: 6.7

CVSS v2

Risk Factor: Critical

Base Score: 10

Temporal Score: 10

Vector: CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C

Reference Information

CVE: CVE-2017-9765

Detections

Analytics