Description
A stack-based buffer overflow vulnerability in the P2P API service in BS Producten Petcam with firmware 33.1.0.0818 allows unauthenticated attackers within network range to overwrite the instruction pointer and achieve Remote Code Execution (RCE) by sending a specially crafted HTTP request.
Published: 2026-03-25
Score: 8.8 High
EPSS: < 1% Very Low
KEV: No
Impact: Remote code execution
Action: Immediate Patch
AI Analysis

Impact

A stack-based buffer overflow occurs in the P2P API service of BS Producten Petcam. The flaw allows an unauthenticated attacker within local network range to send a specially crafted HTTP request, overwrite the instruction pointer, and execute arbitrary code on the device.

Affected Systems

The vulnerability affects BS Producten Petcam devices running firmware 33.1.0.0818. No other firmware versions or products are listed as affected.

Risk and Exploitability

The problem has a CVSS score of 8.8, indicating high severity. No EPSS score is available, and the issue is not listed in the CISA KEV catalog, suggesting it may not yet be widely exploited. Exploitation requires only local network access and no authentication, making the attack vector easy for an attacker who can reach the device on the network. The stack overflow leads to full remote code execution, granting the attacker complete control over the device.

Generated by OpenCVE AI on March 25, 2026 at 19:39 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Upgrade the device firmware to a patched version from the vendor when available.
  • Restrict network access to the P2P API service so only trusted devices can reach it.
  • If the service is not required, disable or isolate it from the network.
  • Monitor the network for unusual HTTP requests that match known buffer‑overflow patterns.

Generated by OpenCVE AI on March 25, 2026 at 19:39 UTC.

Tracking

Sign in to view the affected projects.

Advisories

No advisories yet.

History

Thu, 26 Mar 2026 12:00:00 +0000

Type Values Removed Values Added
First Time appeared Bs Producten
Bs Producten petcam
Vendors & Products Bs Producten
Bs Producten petcam

Wed, 25 Mar 2026 22:00:00 +0000

Type Values Removed Values Added
Title P2P API Buffer Overflow Enables Remote Code Execution

Wed, 25 Mar 2026 17:15:00 +0000

Type Values Removed Values Added
Metrics ssvc

{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'total'}, 'version': '2.0.3'}

Wed, 25 Mar 2026 16:30:00 +0000

Type Values Removed Values Added
Weaknesses CWE-121
Metrics cvssV3_1

{'score': 8.8, 'vector': 'CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H'}

Wed, 25 Mar 2026 14:00:00 +0000

Type Values Removed Values Added
Description A stack-based buffer overflow vulnerability in the P2P API service in BS Producten Petcam with firmware 33.1.0.0818 allows unauthenticated attackers within network range to overwrite the instruction pointer and achieve Remote Code Execution (RCE) by sending a specially crafted HTTP request.
References

Subscriptions

Bs Producten Petcam
cve-icon MITRE

Status: PUBLISHED

Assigner: mitre

Published:

Updated: 2026-03-25T15:52:35.113Z

Reserved: 2024-10-28T00:00:00.000Z

Link: CVE-2024-51348

cve-icon Vulnrichment

Updated: 2026-03-25T15:52:28.219Z

cve-icon NVD

Status : Awaiting Analysis

Published: 2026-03-25T14:16:29.210

Modified: 2026-03-25T16:16:06.343

Link: CVE-2024-51348

cve-icon Redhat

No data.

cve-icon OpenCVE Enrichment

Updated: 2026-03-26T11:51:36Z

Weaknesses