Описание
Advantech WebAccess Node, Version 8.4.4 and prior, Version 9.0.0. Multiple heap-based buffer overflow vulnerabilities exist caused by a lack of proper validation of the length of user-supplied data, which may allow remote code execution.
Advantech WebAccess Node, Version 8.4.4 and prior, Version 9.0.0. Multiple heap-based buffer overflow vulnerabilities exist caused by a lack of proper validation of the length of user-supplied data, which may allow remote code execution.
Ссылки
- https://nvd.nist.gov/vuln/detail/CVE-2020-10638
- https://www.us-cert.gov/ics/advisories/icsa-20-128-01
- https://www.zerodayinitiative.com/advisories/ZDI-20-593
- https://www.zerodayinitiative.com/advisories/ZDI-20-599
- https://www.zerodayinitiative.com/advisories/ZDI-20-600
- https://www.zerodayinitiative.com/advisories/ZDI-20-603
- https://www.zerodayinitiative.com/advisories/ZDI-20-616
- https://www.zerodayinitiative.com/advisories/ZDI-20-621
Связанные уязвимости
CVSS3: 9.8
nvd
почти 6 лет назад
Advantech WebAccess Node, Version 8.4.4 and prior, Version 9.0.0. Multiple heap-based buffer overflow vulnerabilities exist caused by a lack of proper validation of the length of user-supplied data, which may allow remote code execution.