IDCVSSSummaryLast (major) updatePublished
CVE-2020-27541 5.0
Denial of Service vulnerability in Rostelecom CS-C2SHW 5.0.082.1. AgentGreen service has a bug in parsing broadcast discovery UDP packet. Sending a packet of too small size will lead to an attempt of allocating buffer of negative size. As the result
02-02-2021 - 18:49 26-01-2021 - 18:15
CVE-2020-27539 7.5
Heap overflow with full parsing of HTTP respose in Rostelecom CS-C2SHW 5.0.082.1. AgentUpdater service has a self-written HTTP parser and builder. HTTP parser has a heap buffer overflow (OOB write). In default configuration camera parses responses on
02-02-2021 - 18:56 26-01-2021 - 18:15
CVE-2020-27540 7.5
Bash injection vulnerability and bypass of signature verification in Rostelecom CS-C2SHW 5.0.082.1. The camera reads firmware update configuration from SD card file vc\version.json. fw-sign parameter and from this configuration is directly inserted i
02-02-2021 - 18:53 26-01-2021 - 18:15
CVE-2020-27542 4.6
Rostelecom CS-C2SHW 5.0.082.1 is affected by: Bash command injection. The camera reads configuration from QR code (including network settings). The static IP configuration from QR code is copied to the file /config/ip-static and after reboot data fro
02-02-2021 - 18:47 26-01-2021 - 18:15
Back to Top Mark selected
Back to Top