CVE-2024-51347

{"id": "CVE-2024-51347", "cveTags": [], "metrics": {"cvssMetricV31": [{"type": "Secondary", "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 7.2, "attackVector": "NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "HIGH", "confidentialityImpact": "HIGH"}, "impactScore": 5.9, "exploitabilityScore": 1.2}]}, "published": "2026-03-25T14:16:29.097", "references": [{"url": "https://github.com/victorGoeman/LSC-Indoor-Camera-Security-Research/blob/main/CVE-2024-51347.md", "source": "cve@mitre.org"}, {"url": "https://github.com/victorGoeman/LSC-Indoor-Camera-Security-Research/tree/main", "source": "cve@mitre.org"}, {"url": "https://github.com/victorGoeman/LSC-Indoor-Camera-Security-Research/blob/main/CVE-2024-51347.md", "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0"}], "vulnStatus": "Awaiting Analysis", "weaknesses": [{"type": "Secondary", "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "description": [{"lang": "en", "value": "CWE-120"}]}], "descriptions": [{"lang": "en", "value": "A buffer overflow vulnerability in the dgiot binary in LSC Smart Indoor IP Camera V7.6.32. The flaw exists in the handling of the Time Zone (TZ) parameter within the ONVIF configuration interface. The time zone (TZ) parameter does not have its length properly validated before being copied into a fixed-size buffer using the insecure strcpy function."}, {"lang": "es", "value": "Una vulnerabilidad de desbordamiento de b\u00fafer en el binario dgiot en LSC Smart Indoor IP Camera V7.6.32. La falla existe en el manejo del par\u00e1metro de Zona Horaria (TZ) dentro de la interfaz de configuraci\u00f3n ONVIF. El par\u00e1metro de zona horaria (TZ) no tiene su longitud correctamente validada antes de ser copiado en un b\u00fafer de tama\u00f1o fijo utilizando la funci\u00f3n strcpy insegura."}], "lastModified": "2026-03-25T18:16:24.673", "sourceIdentifier": "cve@mitre.org"}