CVE-2019-14699
Summary
| CVE | CVE-2019-14699 |
|---|---|
| State | PUBLIC |
| Assigner | [email protected] |
| Source Priority | CVE Program / NVD first with legacy fallback |
| Published | 2019-08-06 23:15:00 UTC |
| Updated | 2019-08-13 18:42:00 UTC |
| Description | An issue was discovered on MicroDigital N-series cameras with firmware through 6400.0.8.5. An attacker can exploit OS Command Injection in the filename parameter for remote code execution as root. This occurs in the Mainproc executable file, which can be run from the HTTPD web server. |
Risk And Classification
Problem Types: CWE-78
NVD Known Affected Configurations (CPE 2.3)
| Type | Vendor | Product | Version | Update | Edition | Language |
|---|---|---|---|---|---|---|
| Hardware | Microdigital | Mdc-n2190v | - | All | All | All |
| Hardware | Microdigital | Mdc-n2190v | - | All | All | All |
| Operating System | Microdigital | Mdc-n2190v Firmware | All | All | All | All |
| Hardware | Microdigital | Mdc-n4090 | - | All | All | All |
| Hardware | Microdigital | Mdc-n4090 | - | All | All | All |
| Hardware | Microdigital | Mdc-n4090w | - | All | All | All |
| Hardware | Microdigital | Mdc-n4090w | - | All | All | All |
| Operating System | Microdigital | Mdc-n4090w Firmware | All | All | All | All |
| Operating System | Microdigital | Mdc-n4090 Firmware | All | All | All | All |
References
| Reference | Source | Link | Tags |
|---|---|---|---|
| > [Suggested description]> An issue was discovered on MicroDigital N-series ca - Pastebin.com | MISC | pastebin.com | Third Party Advisory |
| www.microdigital.co.kr | MISC | www.microdigital.co.kr | Vendor Advisory |
| www.microdigital.ru | MISC | www.microdigital.ru | Vendor Advisory |
| CVE Program record | CVE.ORG | www.cve.org | canonical |
| NVD vulnerability detail | NVD | nvd.nist.gov | canonical, analysis |
No vendor comments have been submitted for this CVE.
There are currently no legacy QID mappings associated with this CVE.