Security researchers traced a “Devil’s Ivy” buffer overflow flaw to a widely used code library. The vulnerability could be present in tens of millions of software products or other connected devices. The flaw has been patched, and Axis has updated its devices, but there are questions as to whether all devices and applications created by dozens of organizations that employ the gSOAP library will be fixed. An attacker would have to supply an XML message that is more than 2 gigabytes to trigger the flaw.”]
Source: https://www.cuinfosecurity.com/iot-security-cameras-have-major-security-flaw-a-10120