Public exploit available
Public proof-of-concept or exploit code exists (ExploitDB / Metasploit / Nuclei).

CVE-2012-4334

4 documents4 sources
Severity
10.0CRITICAL
EPSS
35.7%
top 2.93%
CISA KEV
Not in KEV
Exploit
PoC available
Public exploit / PoC exists
Affected products
1
Samsung Net-i Viewer
Timeline
PublishedAug 14
Latest updateMay 17

Description

The ConnectDDNS method in the (1) STWConfigNVR 1.1.13.15 and (2) STWConfig 1.1.14.13 ActiveX controls in Samsung NET-i viewer 1.37.120316 allows remote attackers to execute arbitrary code via unspecified vectors. NOTE: some of these details are obtained from third party information.

CVSS vector

AV:N/AC:L/C:C/I:C/A:CExploitability: 10.0 | Impact: 10.0

Affected Packages1 packages

NVDsamsung/net-i_viewer1.37.120316

🔴Vulnerability Details

2
GHSA
GHSA-r993-4vgm-6r2p: The ConnectDDNS method in the (1) STWConfigNVR 12022-05-17
CVEList
CVE-2012-4334: The ConnectDDNS method in the (1) STWConfigNVR 12012-08-14

💥Exploits & PoCs

1
Exploit-DB
Samsung NET-i ware 1.37 - Multiple Vulnerabilities2012-04-22
CVE-2012-4334 (CRITICAL CVSS 10) | The ConnectDDNS method in the (1) S | cvebase.io