Описание
Using custom code, an attacker can write into name or description fields larger than the appropriate buffer size causing a stack-based buffer overflow on Host Engineering H0-ECOM100 Communications Module Firmware versions v5.0.155 and prior. This may allow an attacker to crash the affected device or cause it to become unresponsive.
Ссылки
- MitigationThird Party AdvisoryUS Government Resource
- MitigationThird Party AdvisoryUS Government Resource
Уязвимые конфигурации
Конфигурация 1Версия до 5.0.156 (исключая)
Одновременно
cpe:2.3:o:hosteng:h0-ecom100_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:hosteng:h0-ecom100:-:*:*:*:*:*:*:*
EPSS
Процентиль: 24%
0.00083
Низкий
6.5 Medium
CVSS3
Дефекты
CWE-121
CWE-787
Связанные уязвимости
CVSS3: 6.5
github
больше 3 лет назад
Using custom code, an attacker can write into name or description fields larger than the appropriate buffer size causing a stack-based buffer overflow on Host Engineering H0-ECOM100 Communications Module Firmware versions v5.0.155 and prior. This may allow an attacker to crash the affected device or cause it to become unresponsive.
EPSS
Процентиль: 24%
0.00083
Низкий
6.5 Medium
CVSS3
Дефекты
CWE-121
CWE-787