Описание
Digi Passport Firmware through 1.5.1,1 is affected by a buffer overflow. An attacker can supply a string in the page parameter for reboot.asp endpoint, allowing him to force an overflow when the string is concatenated to the HTML body.
Digi Passport Firmware through 1.5.1,1 is affected by a buffer overflow. An attacker can supply a string in the page parameter for reboot.asp endpoint, allowing him to force an overflow when the string is concatenated to the HTML body.
Ссылки
- https://nvd.nist.gov/vuln/detail/CVE-2022-26953
- https://github.com/X-C3LL/PoC-CVEs/blob/master/CVE-2022-26952%20%26%20CVE-2022-26953/readme.md
- https://hub.digi.com/dp/path=/support/asset/digi-passport-1.5.2-firmware-release-notes
- https://hub.digi.com/support/products/infrastructure-management/digi-passport
Связанные уязвимости
CVSS3: 7.5
nvd
почти 4 года назад
Digi Passport Firmware through 1.5.1,1 is affected by a buffer overflow. An attacker can supply a string in the page parameter for reboot.asp endpoint, allowing him to force an overflow when the string is concatenated to the HTML body.