Описание
In wlan, there is a possible out of bounds write due to a heap buffer overflow. This could lead to remote (proximal/adjacent) escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: WCNCR00461651; Issue ID: MSV-4758.
Ссылки
- Vendor Advisory
Уязвимые конфигурации
Конфигурация 1Версия до 7.6.7.2 (включая)
Одновременно
Одно из
cpe:2.3:a:mediatek:software_development_kit:*:*:*:*:*:*:*:*
cpe:2.3:o:openwrt:openwrt:19.07.0:-:*:*:*:*:*:*
cpe:2.3:o:openwrt:openwrt:21.02.0:-:*:*:*:*:*:*
cpe:2.3:o:openwrt:openwrt:23.05.0:-:*:*:*:*:*:*
Одно из
cpe:2.3:h:mediatek:mt6890:-:*:*:*:*:*:*:*
cpe:2.3:h:mediatek:mt7615:-:*:*:*:*:*:*:*
cpe:2.3:h:mediatek:mt7915:-:*:*:*:*:*:*:*
cpe:2.3:h:mediatek:mt7916:-:*:*:*:*:*:*:*
cpe:2.3:h:mediatek:mt7981:-:*:*:*:*:*:*:*
cpe:2.3:h:mediatek:mt7986:-:*:*:*:*:*:*:*
EPSS
Процентиль: 3%
0.00017
Низкий
8.8 High
CVSS3
Дефекты
CWE-122
CWE-787
Связанные уязвимости
CVSS3: 8
github
5 дней назад
In wlan, there is a possible out of bounds write due to a heap buffer overflow. This could lead to remote (proximal/adjacent) escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: WCNCR00461651; Issue ID: MSV-4758.
EPSS
Процентиль: 3%
0.00017
Низкий
8.8 High
CVSS3
Дефекты
CWE-122
CWE-787