Описание
RIOT RIOT-OS version after commit 7af03ab624db0412c727eed9ab7630a5282e2fd3 contains a Buffer Overflow vulnerability in sock_dns, an implementation of the DNS protocol utilizing the RIOT sock API that can result in Remote code executing. This attack appears to be exploitable via network connectivity.
Ссылки
- ExploitIssue TrackingPatchThird Party Advisory
- ExploitIssue TrackingPatchThird Party Advisory
Уязвимые конфигурации
Конфигурация 1Версия от 2017.04 (включая) до 2018.10.1 (исключая)
cpe:2.3:o:riot-os:riot:*:*:*:*:*:*:*:*
EPSS
Процентиль: 59%
0.00385
Низкий
9.8 Critical
CVSS3
7.5 High
CVSS2
Дефекты
CWE-787
Связанные уязвимости
CVSS3: 9.8
github
больше 3 лет назад
RIOT RIOT-OS version after commit 7af03ab624db0412c727eed9ab7630a5282e2fd3 contains a Buffer Overflow vulnerability in sock_dns, an implementation of the DNS protocol utilizing the RIOT sock API that can result in Remote code executing. This attack appears to be exploitable via network connectivity.
EPSS
Процентиль: 59%
0.00385
Низкий
9.8 Critical
CVSS3
7.5 High
CVSS2
Дефекты
CWE-787