Описание
SOUND4 LinkAndShare Transmitter 1.1.2 contains a format string vulnerability that allows attackers to trigger memory stack overflows through maliciously crafted environment variables. Attackers can manipulate the username environment variable with format string payloads to potentially execute arbitrary code and crash the application.
SOUND4 LinkAndShare Transmitter 1.1.2 contains a format string vulnerability that allows attackers to trigger memory stack overflows through maliciously crafted environment variables. Attackers can manipulate the username environment variable with format string payloads to potentially execute arbitrary code and crash the application.
Ссылки
- https://nvd.nist.gov/vuln/detail/CVE-2023-53966
- https://web.archive.org/web/20221207074555/https://www.sound4.com
- https://www.exploit-db.com/exploits/51259
- https://www.vulncheck.com/advisories/sound-linkandshare-transmitter-format-string-stack-buffer-overflow
- https://www.zeroscience.mk/en/vulnerabilities/ZSL-2023-5744.php
EPSS
9.3 Critical
CVSS4
9.8 Critical
CVSS3
CVE ID
Дефекты
Связанные уязвимости
SOUND4 LinkAndShare Transmitter 1.1.2 contains a format string vulnerability that allows attackers to trigger memory stack overflows through maliciously crafted environment variables. Attackers can manipulate the username environment variable with format string payloads to potentially execute arbitrary code and crash the application.
EPSS
9.3 Critical
CVSS4
9.8 Critical
CVSS3