Описание
A memory corruption vulnerability exists in the cgi.c unescape functionality of ArduPilot APWeb master branch 50b6b7ac - master branch 46177cb9. A specially-crafted HTTP request can lead to memory corruption. An attacker can send a network request to trigger this vulnerability.
Ссылки
- ExploitThird Party Advisory
- ExploitThird Party Advisory
- ExploitThird Party Advisory
- ExploitThird Party Advisory
Уязвимые конфигурации
Конфигурация 1
cpe:2.3:a:ardupilot:apweb:-:*:*:*:*:*:*:*
EPSS
Процентиль: 66%
0.00525
Низкий
5.3 Medium
CVSS3
9.8 Critical
CVSS3
7.5 High
CVSS2
Дефекты
CWE-20
CWE-787
Связанные уязвимости
CVSS3: 9.8
github
почти 4 года назад
A memory corruption vulnerability exists in the cgi.c unescape functionality of ArduPilot APWeb master branch 50b6b7ac - master branch 46177cb9. A specially-crafted HTTP request can lead to memory corruption. An attacker can send a network request to trigger this vulnerability.
EPSS
Процентиль: 66%
0.00525
Низкий
5.3 Medium
CVSS3
9.8 Critical
CVSS3
7.5 High
CVSS2
Дефекты
CWE-20
CWE-787