CVE-2014-1201
Last modified
CVE-2014-1201 is a vulnerability of currently unknown severity. Buffer overflow in the INetViewX ActiveX control in the Lorex Edge LH310 and Edge+ LH320 series with firmware 7-35-28-1B26E, Edge2 LH330 series with firmware 11.17.38-33_1D97A, and Edge3 LH340 series with firmware 11.19.85_1FE3A allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a long string in the HTTP_PORT parameter.. EPSS estimates a 29.46% chance of exploitation in the next 30 days.
Description
Buffer overflow in the INetViewX ActiveX control in the Lorex Edge LH310 and Edge+ LH320 series with firmware 7-35-28-1B26E, Edge2 LH330 series with firmware 11.17.38-33_1D97A, and Edge3 LH340 series with firmware 11.19.85_1FE3A allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a long string in the HTTP_PORT parameter.
Metrics
Weakness Enumeration
Affected Software
| Vendor | Product | Versions |
|---|---|---|
| Lorex Technology | Edge Lh310 Firmware | 7-35-28-1b26e |
| Lorextechnology | Edge | lh310 |
| Lorex Technology | Edge3 Lh340 Firmware | 11.19.85_1fe3a |
| Lorextechnology | Edge3 | lh340 |
| Lorex Technology | Edge2 Lh330 Firmware | 11.17.38-33_1d97a |
| Lorextechnology | Edge2 | lh330 |
| Lorex Technology | Edge\+ Lh320 Firmware | 7-35-28-1b26e |
| Lorextechnology | Edge\+ | lh320 |
References
Timeline
- Published
- Last Modified
- Status
- Modified
Frequently Asked Questions
What is CVE-2014-1201?
How severe is CVE-2014-1201?
How do I fix CVE-2014-1201?
Are you affected by CVE-2014-1201?
Run a free Strix scan to check your systems for this vulnerability.
Scan your code nowSource: NVD / NIST