Published: 10/06/2022 Updated: 17/06/2022

CVSS v2 Base Score: 5 | Impact Score: 2.9 | Exploitability Score: 10

CVSS v3 Base Score: 7.5 | Impact Score: 3.6 | Exploitability Score: 3.9

VMScore: 446

Vector: AV:N/AC:L/Au:N/C:P/I:N/A:N

There is a memory dump vulnerability on Netwave IP camera devices at //proc/kcore that allows an unauthenticated malicious user to exfiltrate sensitive information from the network configuration (e.g., username and password).

Vulnerable Product	Search on Vulmon	Subscribe to Product
netwavepr indoor ip camera firmware -
netwavepr outdoor ip camera firmware -

A tool for retrieving login credentials from Netwave IP cameras using a memory dump vulnerability (CVE-2018-17240)

Netgrave A tool for retrieving login credentials from Netwave IP cameras using a memory dump vulnerability (CVE-2018-17240) This project was inspired by expcamera and offers performance and efficiency improvements This tool works for all platforms as it does not use any Linux CLI tools through shell commands like expcamera does CVE-2018-17240 On Linux systems, the /proc/kcor

CVE-2018-17240

The PoC of CVE-2018-17240

CWE-401 https://www.bbge.org/file/exploit.py https://github.com/BBge/CVE-2018-17240/blob/main/exploit.py https://github.com/BBge/CVE-2018-17240 https://nvd.nist.gov https://github.com/Xewdy444/Netgrave

CVE-2018-17240

Vulnerability Summary

Vulnerability Trend

Github Repositories

References

Vulmon Search

About

Products

Connect