exploitDog

GHSA-vg55-9467-jpw8

Опубликовано: 25 янв. 2025

Источник: github

Github: Не прошло ревью

CVSS3: 8.1

Описание

In SunGrow WiNet-SV200.001.00.P027 and earlier versions, when decrypting MQTT messages, the code that parses specific TLV fields does not have sufficient bounds checks. This may result in a stack-based buffer overflow.

In SunGrow WiNet-SV200.001.00.P027 and earlier versions, when decrypting MQTT messages, the code that parses specific TLV fields does not have sufficient bounds checks. This may result in a stack-based buffer overflow.

Ссылки

EPSS

Процентиль: 35%

0.00148

Низкий

8.1 High

CVSS3

CVE ID

Дефекты

CWE-120

Связанные уязвимости

CVE-2024-50697

CVSS3: 8.1

nvd

около 1 года назад

In SunGrow WiNet-SV200.001.00.P027 and earlier versions, when decrypting MQTT messages, the code that parses specific TLV fields does not have sufficient bounds checks. This may result in a stack-based buffer overflow.

EPSS

Процентиль: 35%

0.00148

Низкий

8.1 High

CVSS3

CVE ID

Дефекты

CWE-120