Количество 3
Количество 3
CVE-2015-2868
An exploitable remote code execution vulnerability exists in the Trane ComfortLink II firmware version 2.0.2 in DSS service. An attacker who can connect to the DSS service on the Trane ComfortLink II device can send an overly long REG request that can overflow a fixed size stack buffer, resulting in arbitrary code execution.
GHSA-rggx-gpg5-f3h9
An exploitable remote code execution vulnerability exists in the Trane ComfortLink II firmware version 2.0.2 in DSS service. An attacker who can connect to the DSS service on the Trane ComfortLink II device can send an overly long REG request that can overflow a fixed size stack buffer, resulting in arbitrary code execution.
BDU:2017-02596
Уязвимость службы DSS микропрограммного обеспечения термостата ComfortLink II, позволяющая нарушителю выполнить произвольный код
Уязвимостей на страницу
Уязвимость | CVSS | EPSS | Опубликовано | |
|---|---|---|---|---|
 | CVE-2015-2868 An exploitable remote code execution vulnerability exists in the Trane ComfortLink II firmware version 2.0.2 in DSS service. An attacker who can connect to the DSS service on the Trane ComfortLink II device can send an overly long REG request that can overflow a fixed size stack buffer, resulting in arbitrary code execution. | CVSS3: 9.8 | 9% Низкий | около 9 лет назад |
| GHSA-rggx-gpg5-f3h9 An exploitable remote code execution vulnerability exists in the Trane ComfortLink II firmware version 2.0.2 in DSS service. An attacker who can connect to the DSS service on the Trane ComfortLink II device can send an overly long REG request that can overflow a fixed size stack buffer, resulting in arbitrary code execution. | CVSS3: 9.8 | 9% Низкий | больше 3 лет назад |
 | BDU:2017-02596 Уязвимость службы DSS микропрограммного обеспечения термостата ComfortLink II, позволяющая нарушителю выполнить произвольный код | CVSS3: 9.8 | 9% Низкий | почти 12 лет назад |
Уязвимостей на страницу