CVE-2008-5674

Critical CVSS 9.4

Overview

Multiple array index errors in the HTTP server in Darkwet Network webcamXP 3.72.440.0 and earlier and beta 4.05.280 and earlier allow remote attackers to cause a denial of service (device crash) and read portions of memory via (1) an invalid camnum parameter to the pocketpc component and (2) an invalid id parameter to the show_gallery_pic component.

CWE: CWE-20 Published: 2008-12-19T01:52:02.670

Risk analysis

This vulnerability is rated 🔴 CRITICAL.

CVSS: 9.4 (CRITICAL)
Detected tags: none (tag impact: LOW)

Recommended actions:

Prioritize remediation based on business criticality and exposure.
Limit exposure and increase monitoring until fixed.

Overview

Recommended tools

Tags