Описание
SOUND4 LinkAndShare Transmitter 1.1.2 contains a format string vulnerability that allows attackers to trigger memory stack overflows through maliciously crafted environment variables. Attackers can manipulate the username environment variable with format string payloads to potentially execute arbitrary code and crash the application.
Ссылки
- Product
- ExploitThird Party Advisory
- ExploitThird Party Advisory
- Third Party Advisory
- Third Party Advisory
Уязвимые конфигурации
Конфигурация 1
cpe:2.3:a:sound4:linkandshare_transmitter:1.1.2:*:*:*:*:*:*:*
EPSS
Процентиль: 34%
0.00135
Низкий
9.8 Critical
CVSS3
Дефекты
CWE-134
Связанные уязвимости
CVSS3: 9.8
github
около 2 месяцев назад
SOUND4 LinkAndShare Transmitter 1.1.2 contains a format string vulnerability that allows attackers to trigger memory stack overflows through maliciously crafted environment variables. Attackers can manipulate the username environment variable with format string payloads to potentially execute arbitrary code and crash the application.
EPSS
Процентиль: 34%
0.00135
Низкий
9.8 Critical
CVSS3
Дефекты
CWE-134