exploitDog

CVE-2018-1000537

Опубликовано: 26 июн. 2018

Источник: nvd

CVSS3: 9.8

CVSS2: 7.5

EPSS Низкий

Описание

Marlin Firmware Marlin version 1.1.x and earlier contains a Buffer Overflow vulnerability in cardreader.cpp (Depending on branch/version) that can result in Arbitrary code execution. This attack appear to be exploitable via Crafted G-Code instruction/file is sent to the printer.

Ссылки

http://forums.reprap.org/read.php?415%2C823246
https://github.com/MarlinFirmware/Marlin/pull/10925
Third Party Advisory
http://forums.reprap.org/read.php?415%2C823246
https://github.com/MarlinFirmware/Marlin/pull/10925
Third Party Advisory

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:o:marlinfw:marlin_firmware:*:*:*:*:*:*:*:*

Версия до 1.1.0 (включая)

EPSS

Процентиль: 91%

0.06284

Низкий

9.8 Critical

CVSS3

7.5 High

CVSS2

Дефекты

CWE-119

Связанные уязвимости

GHSA-52mm-j9gg-2xgp

CVSS3: 9.8

github

больше 3 лет назад

Marlin Firmware Marlin version 1.1.x and earlier contains a Buffer Overflow vulnerability in cardreader.cpp (Depending on branch/version) that can result in Arbitrary code execution. This attack appear to be exploitable via Crafted G-Code instruction/file is sent to the printer.

EPSS

Процентиль: 91%

0.06284

Низкий

9.8 Critical

CVSS3

7.5 High

CVSS2

Дефекты

CWE-119