MidnightBSD

Advisories for lorextechnology

CVE-2012-6451 HIGH

Lorex LNC116 and LNC104 IP Cameras have a Remote Authentication Bypass Vulnerability

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 9.8 CRITICAL CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H 3.9 5.9

CVSS 2.0

Severity: HIGH

Problem Type: CWE-287,

Products Affected

Vendor Product Version
lorextechnology lnc104_firmware *
lorextechnology lnc116_firmware *
CVE-2014-1201 HIGH

Buffer overflow in the INetViewX ActiveX control in the Lorex Edge LH310 and Edge+ LH320 series with firmware 7-35-28-1B26E, Edge2 LH330 series with firmware 11.17.38-33_1D97A, and Edge3 LH340 series with firmware 11.19.85_1FE3A allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a long string in the HTTP_PORT parameter.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-119,

Products Affected

Vendor Product Version
lorex_technology edge+_lh320_firmware 7-35-28-1b26e
lorextechnology edge2 lh330
lorex_technology edge2_lh330_firmware 11.17.38-33_1d97a
lorex_technology edge_lh310_firmware 7-35-28-1b26e
lorextechnology edge+ lh320
lorextechnology edge lh310
lorex_technology edge3_lh340_firmware 11.19.85_1fe3a
lorextechnology edge3 lh340