Vulnerability Details : CVE-2012-4334
The ConnectDDNS method in the (1) STWConfigNVR 1.1.13.15 and (2) STWConfig 1.1.14.13 ActiveX controls in Samsung NET-i viewer 1.37.120316 allows remote attackers to execute arbitrary code via unspecified vectors. NOTE: some of these details are obtained from third party information.
Vulnerability category: Execute code
Products affected by CVE-2012-4334
- cpe:2.3:a:samsung:net-i_viewer:1.37.120316:*:*:*:*:*:*:*
Exploit prediction scoring system (EPSS) score for CVE-2012-4334
4.05%
Probability of exploitation activity in the next 30 days
EPSS Score History
~ 92 %
Percentile, the proportion of vulnerabilities that are scored at or less
CVSS scores for CVE-2012-4334
Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source | First Seen |
---|---|---|---|---|---|---|
10.0
|
HIGH | AV:N/AC:L/Au:N/C:C/I:C/A:C |
10.0
|
10.0
|
NIST |
References for CVE-2012-4334
-
http://www.securityfocus.com/bid/53193
Samsung NET-i ware Multiple Remote VulnerabilitiesExploit
-
http://www.exploit-db.com/exploits/18765
Samsung NET-i ware 1.37 - Multiple Vulnerabilities - Windows dos ExploitExploit
-
https://exchange.xforce.ibmcloud.com/vulnerabilities/75069
Samsung NET-i ware ActiveX control code execution CVE-2012-4334 Vulnerability Report
Jump to