Published: 21/03/2019 Updated: 24/08/2020

CVSS v2 Base Score: 5 | Impact Score: 2.9 | Exploitability Score: 10

CVSS v3 Base Score: 7.5 | Impact Score: 3.6 | Exploitability Score: 3.9

VMScore: 505

Vector: AV:N/AC:L/Au:N/C:N/I:N/A:P

Sricam IP CCTV cameras are vulnerable to denial of service via multiple incomplete HTTP requests because the web server (based on gSOAP 2.8.x) is configured for an iterative queueing approach (aka non-threaded operation) with a timeout of several seconds.

Vulnerable Product	Search on Vulmon	Subscribe to Product
genivia gsoap 2.8.0

#!/bin/bash ####################################################################################### # # Exploit Title: Sricam gSOAP 28 - Denial of Service # Date: 25/01/2019 # Vendor Status: Informed (24/10/2018) # CVE ID: CVE-2019-6973 # Exploit Author: Andrew Watson # Contact: keyb ...

Sricam gSOAP version 28 suffers from a denial of service vulnerability ...

Sricam gSOAP2.8 DoS exploit PoC

sricam-gsoap28-dos-exploit [Sricam gSOAP28 DoS exploit proof of concept] Proof of Concept code: Sricam_gSOAP_PoC_exploitsh CVE-2019-6973 cvemitreorg/cgi-bin/cvenamecgi?name=CVE-2019-6973 Thanks to the CVE Assignment Team for their help structuring the following: [Description] Sricam IP CCTV cameras are vulnerable to denial of service via multiple incomplete HT

NVD-CWE-noinfo https://www.exploit-db.com/exploits/46261/https://github.com/bitfu/sricam-gsoap2.8-dos-exploit http://packetstormsecurity.com/files/151377/Sricam-gSOAP-2.8-Denial-Of-Service.html https://nvd.nist.gov https://github.com/bitfu/sricam-gsoap2.8-dos-exploit https://www.exploit-db.com/exploits/46261

CVE-2019-6973

Vulnerability Summary

Vulnerability Trend

Exploits

Github Repositories

References

Vulmon Search

About

Products

Connect