Published: 04/08/2020 Updated: 06/08/2020

CVSS v2 Base Score: 5 | Impact Score: 2.9 | Exploitability Score: 10

CVSS v3 Base Score: 7.5 | Impact Score: 3.6 | Exploitability Score: 3.9

VMScore: 445

Vector: AV:N/AC:L/Au:N/C:N/I:N/A:P

ActiveMediaServer.exe in ACTi NVR3 Standard Server 3.0.12.42 allows remote unauthenticated malicious users to trigger a buffer overflow and application termination via a malformed payload.

Vulnerable Product	Search on Vulmon	Subscribe to Product
acti nvr 2.3.04.07
acti nvr 3.0.12.42

ACTi NVR3 Standard or Professional Server version 301242 denial of service proof of concept exploit ...

ActiveMediaServer.exe in ACTi NVR3 Standard Server 3.0.12.42 allows remote unauthenticated attackers to trigger a buffer overflow and application termination via a malformed payload.

cve-2020-15956 ACTi NVR 23 Standard/Professional Server and ACTi NVR3 Standard/Professional Server allows remote unauthenticated attackers to conduct a denial of service To exploit this vulnerability merely send a malformed authorization header payload of at least 760-bytes to the Media Server triggering a buffer overflow and application termination of ActiveMediaServerexe

CWE-120 https://github.com/megamagnus/cve-2020-15956 https://www2.acti.com/nvr3 http://packetstormsecurity.com/files/158771/ACTi-NVR3-Standard-Professional-Server-3.0.12.42-Denial-Of-Service.html https://nvd.nist.gov https://github.com/megamagnus/cve-2020-15956 https://packetstormsecurity.com/files/158771/ACTi-NVR3-Standard-Professional-Server-3.0.12.42-Denial-Of-Service.html

CVE-2020-15956

Vulnerability Summary

Vulnerability Trend

Exploits

Github Repositories

References

Vulmon Search

About

Products

Connect