CVE Catalog

CVE-2024-41623

CriticalCVSS 9.8
Published: Updated: Translated: NVD NIST

Exploitation Probability (EPSS)

Low risk
0.64%

46th percentile - higher than 46% of all known CVEs

Summary

An issue in D3D Security D3D IP Camera (D8801) v.V9.1.17.1.4-20180428 allows a local attacker to execute arbitrary code via a crafted payload. The vulnerability stems from improper input validation.

Risk Assessment

A local attacker could take control of the camera, potentially compromising the confidentiality of recordings, disrupting surveillance, or using the device as an entry point into the internal network.

Recommendation

Immediately update the camera firmware to the latest available version if a patch has been released. If no update is available, consider isolating the device from the production network and restricting physical access.

Original NVD description (English source)

An issue in D3D Security D3D IP Camera (D8801) v.V9.1.17.1.4-20180428 allows a local attacker to execute arbitrary code via a crafted payload

Vulnerability data from NVD (NIST) · CISA KEV · EPSS