Описание
In SunGrow WiNet-SV200.001.00.P027 and earlier versions, when copying the timestamp read from an MQTT message, the underlying code does not check the bounds of the buffer that is used to store the message. This may lead to a stack-based buffer overflow.
Ссылки
- Vendor Advisory
Уязвимые конфигурации
Конфигурация 1Версия до 200.001.00.p027 (исключая)
Одновременно
cpe:2.3:o:sungrowpower:winet-s_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:sungrowpower:winet-s:-:*:*:*:*:*:*:*
EPSS
Процентиль: 38%
0.00163
Низкий
9.8 Critical
CVSS3
Дефекты
CWE-121
Связанные уязвимости
CVSS3: 9.8
github
9 месяцев назад
In SunGrow WiNet-SV200.001.00.P027 and earlier versions, when copying the timestamp read from an MQTT message, the underlying code does not check the bounds of the buffer that is used to store the message. This may lead to a stack-based buffer overflow.
EPSS
Процентиль: 38%
0.00163
Низкий
9.8 Critical
CVSS3
Дефекты
CWE-121