ByteOS Network

NVD Vulnerability Details :

CVE-2021-3555

Analyzed

Source-cve-requests@bitdefender.com

Published At-31 May, 2022 | 10:15

Updated At-14 Jun, 2022 | 15:35

A Buffer Overflow vulnerability in the RSTP server component of Eufy Indoor 2K Indoor Camera allows a local attacker to achieve remote code execution. This issue affects: Eufy Indoor 2K Indoor Camera 2.0.9.3 version and prior versions.

Date Added	Due Date	Vulnerability Name	Required Action
	N/A

Metrics

Type	Version	Base score	Base severity	Vector
Primary	3.1	8.8	HIGH	CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Secondary	3.1	7.6	HIGH	CVSS:3.1/AV:A/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H
Primary	2.0	5.4	MEDIUM	AV:A/AC:M/Au:N/C:P/I:P/A:P

CPE Matches

eufylife>>solo_indoorcam_c24_firmware>>Versions up to 2.0.9.3(inclusive)

cpe:2.3:o:eufylife:solo_indoorcam_c24_firmware:*:*:*:*:*:*:*:*

eufylife>>solo_indoorcam_c24>>-

cpe:2.3:h:eufylife:solo_indoorcam_c24:-:*:*:*:*:*:*:*

eufylife>>solo_indoorcam_p24_firmware>>Versions up to 2.0.9.3(inclusive)

cpe:2.3:o:eufylife:solo_indoorcam_p24_firmware:*:*:*:*:*:*:*:*

eufylife>>solo_indoorcam_p24>>-

cpe:2.3:h:eufylife:solo_indoorcam_p24:-:*:*:*:*:*:*:*

Weaknesses

CWE ID	Type	Source
CWE-120	Primary	nvd@nist.gov
CWE-120	Secondary	cve-requests@bitdefender.com

References

Hyperlink	Source	Resource
https://www.bitdefender.com/blog/labs/vulnerabilities-identified-in-eufy2k-indoor-camera/	cve-requests@bitdefender.com	Exploit Technical Description Third Party Advisory

CISA Catalog

Metrics

CPE Matches

Weaknesses

Evaluator Description

Evaluator Impact

Evaluator Solution

Vendor Statements

References

Change History