
ActiveMediaServer.exe in ACTi NVR3 Standard Server 3.0.12.42 allows remote unauthenticated attackers to trigger a buffer overflow and application termination via a malformed payload.


megamagnus/cve-2020-15956


cve-2020-15956

ACTi NVR 2.3 Standard/Professional Server and ACTi NVR3 Standard/Professional Server allow remote unauthenticated attackers to conduct a denial of service. To exploit this vulnerability, merely send a malformed authorization header payload of at least 760 bytes to the Media Server, triggering a buffer overflow and application termination of ActiveMediaServer.exe.

Vulnerable versions (possibly others):

  • ACTi NVR3 Standard Server V.3.0.12.42
  • ACTi NVR Professional V.2.3.04.07

Expected outcome: Denial of service. Server loss.

Fixed by vendor in NVR3 V.3.0.15.50
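
For servers that are still on a vulnerable version, the check below flags requests whose Authorization header reaches the size described above. It is an added detection example, not code from this repository. It assumes the Media Server is reached over HTTP, that raw requests are available from a proxy or capture, and that the 760-byte figure is measured on the header value; the function names and sample requests are constructed for illustration.

```python
# Added example: flag HTTP requests carrying an oversized Authorization header.
# Assumptions: HTTP transport, raw request bytes available, length measured
# on the header value. THRESHOLD is the figure from the description above.
THRESHOLD = 760


def authorization_values(raw_request):
    """Return every Authorization header value found in a raw HTTP request."""
    head = raw_request.split(b"\r\n\r\n", 1)[0]
    headers, current = [], None
    for line in head.split(b"\r\n")[1:]:      # skip the request line
        if line[:1] in (b" ", b"\t") and current is not None:
            # Obsolete line folding: continuation of the previous header,
            # which would otherwise hide part of the value from the check.
            current[1] += b" " + line.strip()
            continue
        name, sep, value = line.partition(b":")
        if not sep:                            # not a header line
            current = None
            continue
        current = [name.strip().lower(), value.strip()]
        headers.append(current)
    # Header names are case-insensitive; a request may repeat the header.
    return [v for n, v in headers if n == b"authorization"]


def is_suspicious(raw_request, threshold=THRESHOLD):
    """True if any Authorization value is at least `threshold` bytes long."""
    return any(len(v) >= threshold for v in authorization_values(raw_request))


# Constructed sample requests (filler bytes, not captured traffic).
NORMAL = (b"GET / HTTP/1.1\r\nHost: nvr.example\r\n"
          b"Authorization: Basic dXNlcjpwYXNz\r\n\r\n")
OVERSIZED = (b"GET / HTTP/1.1\r\nHost: nvr.example\r\n"
             b"authorization: " + b"A" * 800 + b"\r\n\r\n")
FOLDED = (b"GET / HTTP/1.1\r\nHost: nvr.example\r\n"
          b"Authorization: " + b"A" * 400 + b"\r\n " + b"A" * 400 + b"\r\n\r\n")

if __name__ == "__main__":
    for label, req in (("normal", NORMAL), ("oversized", OVERSIZED),
                       ("folded", FOLDED)):
        print(label, is_suspicious(req))
```

The same length rule can be enforced at a reverse proxy in front of the Media Server, with the threshold lowered to whatever the deployment's legitimate clients actually send.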

Running the Exploit

python3 cve-2020-15956.py http://address

PoC GIF

Resources

https://www.acti.com/DownloadCenter
