exploitDog

GHSA-7qmf-37fc-vqcp

Опубликовано: 13 мая 2022

Источник: github

Github: Не прошло ревью

CVSS3: 10

Описание

An exploitable stack-based buffer overflow vulnerability exists in the 802dot1xclientcert.cgi functionality of Sony IPELA E Series Camera G5 firmware 1.87.00. A specially crafted POST can cause a stack-based buffer overflow, resulting in remote code execution. An attacker can send a malicious POST request to trigger this vulnerability.

An exploitable stack-based buffer overflow vulnerability exists in the 802dot1xclientcert.cgi functionality of Sony IPELA E Series Camera G5 firmware 1.87.00. A specially crafted POST can cause a stack-based buffer overflow, resulting in remote code execution. An attacker can send a malicious POST request to trigger this vulnerability.

Ссылки

EPSS

Процентиль: 85%

0.02547

Низкий

10 Critical

CVSS3

CVE ID

Дефекты

CWE-787

Связанные уязвимости

CVE-2018-3938

CVSS3: 9.1

nvd

больше 7 лет назад

An exploitable stack-based buffer overflow vulnerability exists in the 802dot1xclientcert.cgi functionality of Sony IPELA E Series Camera G5 firmware 1.87.00. A specially crafted POST can cause a stack-based buffer overflow, resulting in remote code execution. An attacker can send a malicious POST request to trigger this vulnerability.

EPSS

Процентиль: 85%

0.02547

Низкий

10 Critical

CVSS3

CVE ID

Дефекты

CWE-787