Описание
Realtek Jungle SDK version v2.x up to v3.4.14B provides a diagnostic tool called 'MP Daemon' that is usually compiled as 'UDPServer' binary. The binary is affected by multiple memory corruption vulnerabilities and an arbitrary command injection vulnerability that can be exploited by remote unauthenticated attackers.
Ссылки
- Broken LinkExploitThird Party Advisory
- Broken LinkPatchVendor Advisory
- PatchVendor Advisory
- Broken LinkThird Party AdvisoryVDB Entry
- Broken LinkExploitThird Party Advisory
- Broken LinkPatchVendor Advisory
- PatchVendor Advisory
- Broken LinkThird Party AdvisoryVDB Entry
- US Government Resource
Уязвимые конфигурации
EPSS
9.8 Critical
CVSS3
10 Critical
CVSS2
Дефекты
Связанные уязвимости
Realtek Jungle SDK version v2.x up to v3.4.14B provides a diagnostic tool called 'MP Daemon' that is usually compiled as 'UDPServer' binary. The binary is affected by multiple memory corruption vulnerabilities and an arbitrary command injection vulnerability that can be exploited by remote unauthenticated attackers.
Уязвимость инструмента для диагностирования MP Daemon средств разработки Realtek SDK, позволяющая нарушителю выполнить произвольный код
EPSS
9.8 Critical
CVSS3
10 Critical
CVSS2