{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-06-18T21:18:04.580","vulnerabilities":[{"cve":{"id":"CVE-2019-12223","sourceIdentifier":"cve@mitre.org","published":"2019-09-05T15:15:11.783","lastModified":"2026-06-17T02:14:16.777","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"An issue was discovered in NVR WebViewer on Hanwah Techwin SRN-472s 1.07_190502 devices, and other SRN-x devices before 2019-05-03. A system crash and reboot can be achieved by submitting a long username in excess of 117 characters. The username triggers a buffer overflow in the main process controlling operation of the DVR system, rendering services unavailable during the reboot operation. A repeated attack affects availability as long as the attacker has network access to the device."},{"lang":"es","value":"Se detectó un problema en NVR WebViewer en los dispositivos Hanwah Techwin SRN-472s versión 1.07_190502 y otros dispositivos SRN-x en versiones anteriores a la 2019-05-03. Se puede lograr un bloqueo y reinicio del sistema enviando un nombre de usuario largo de más de 117 caracteres. El nombre de usuario desencadena un desbordamiento del búfer en el proceso principal que controla la operación del sistema DVR, lo que hace que los servicios no estén disponibles durante la operación de reinicio. Un ataque repetido afecta la disponibilidad siempre que el atacante tenga acceso de red al dispositivo."}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV30":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.0","vectorString":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H","baseScore":7.5,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"HIGH"},"exploitabilityScore":3.9,"impactScore":3.6}],"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:L/Au:N/C:N/I:N/A:C","baseScore":7.8,"accessVector":"NETWORK","accessComplexity":"LOW","authentication":"NONE","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"COMPLETE"},"baseSeverity":"HIGH","exploitabilityScore":10.0,"impactScore":6.9,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":false}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-119"}]}],"configurations":[{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:hanwha-security:srn-472s_firmware:1.07_190502:*:*:*:*:*:*:*","matchCriteriaId":"F4AF0105-373B-4964-B608-53B861F0BAE6"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:hanwha-security:srn-472s:-:*:*:*:*:*:*:*","matchCriteriaId":"56837BCD-EF7E-4BC7-ABD2-98F0D3B47228"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:hanwha-security:srn-873s_firmware:*:*:*:*:*:*:*:*","versionEndExcluding":"2019-05-03","matchCriteriaId":"BB7E9246-B9FC-4DCC-88EE-7D6615A7779C"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:hanwha-security:srn-873s:-:*:*:*:*:*:*:*","matchCriteriaId":"C60F82C4-EA5C-430A-A122-DD4735A250C1"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:hanwha-security:srn-1673s_firmware:*:*:*:*:*:*:*:*","versionEndExcluding":"2019-05-03","matchCriteriaId":"82CBA0ED-BB76-4637-BF9F-C69EB6549988"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:hanwha-security:srn-1673s:-:*:*:*:*:*:*:*","matchCriteriaId":"7BCE4607-4FB6-4682-8383-EB89D507A14F"}]}]}],"references":[{"url":"https://gist.github.com/dustinnoe/66f91573a0080c9fb2c21819d8805a82","source":"cve@mitre.org","tags":["Exploit","Third Party Advisory"]},{"url":"https://medium.com/%40noe.dustin/samsung-webviewer-remote-dos-vulberability-cve-2019-12223-5f4afbc83fbd","source":"cve@mitre.org"},{"url":"https://www.hanwha-security.com/en/products/video-recorder/nvr/ch4/SRN-472S/overview/","source":"cve@mitre.org","tags":["Product"]},{"url":"https://gist.github.com/dustinnoe/66f91573a0080c9fb2c21819d8805a82","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit","Third Party Advisory"]},{"url":"https://medium.com/%40noe.dustin/samsung-webviewer-remote-dos-vulberability-cve-2019-12223-5f4afbc83fbd","source":"af854a3a-2127-422b-91ae-364da2661108"},{"url":"https://www.hanwha-security.com/en/products/video-recorder/nvr/ch4/SRN-472S/overview/","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Product"]}]}}]}