Arbitrary Code Execution Vulnerability in Samsung NET-i Viewer ActiveX Controls

Arbitrary Code Execution Vulnerability in Samsung NET-i Viewer ActiveX Controls

CVE-2012-4334 · HIGH Severity

AV:N/AC:L/AU:N/C:C/I:C/A:C

The ConnectDDNS method in the (1) STWConfigNVR 1.1.13.15 and (2) STWConfig 1.1.14.13 ActiveX controls in Samsung NET-i viewer 1.37.120316 allows remote attackers to execute arbitrary code via unspecified vectors. NOTE: some of these details are obtained from third party information.

Learn more about our Web Application Penetration Testing UK.