Количество 3
Количество 3
CVE-2022-27255
In Realtek eCos RSDK 1.5.7p1 and MSDK 4.9.4p1, the SIP ALG function that rewrites SDP data has a stack-based buffer overflow. This allows an attacker to remotely execute code without authentication via a crafted SIP packet that contains malicious SDP data.
GHSA-hcc6-7m2q-wj56
In Realtek eCos RSDK 1.5.7p1 and MSDK 4.9.4p1, the SIP ALG function that rewrites SDP data has a stack-based buffer overflow. This allows an attacker to remotely execute code without authentication via a crafted SIP packet that contains malicious SDP data.
BDU:2022-05085
Уязвимость модуля "SIP ALG" (SIP Application Layer Gateway) средств разработки Realtek SDK для операционной системы eCos, позволяющая нарушителю выполнить произвольный код
Уязвимостей на страницу
Уязвимость | CVSS | EPSS | Опубликовано | |
|---|---|---|---|---|
 | CVE-2022-27255 In Realtek eCos RSDK 1.5.7p1 and MSDK 4.9.4p1, the SIP ALG function that rewrites SDP data has a stack-based buffer overflow. This allows an attacker to remotely execute code without authentication via a crafted SIP packet that contains malicious SDP data. | CVSS3: 9.8 | 25% Средний | больше 3 лет назад |
| GHSA-hcc6-7m2q-wj56 In Realtek eCos RSDK 1.5.7p1 and MSDK 4.9.4p1, the SIP ALG function that rewrites SDP data has a stack-based buffer overflow. This allows an attacker to remotely execute code without authentication via a crafted SIP packet that contains malicious SDP data. | CVSS3: 9.8 | 25% Средний | больше 3 лет назад |
 | BDU:2022-05085 Уязвимость модуля "SIP ALG" (SIP Application Layer Gateway) средств разработки Realtek SDK для операционной системы eCos, позволяющая нарушителю выполнить произвольный код | CVSS3: 9.8 | 25% Средний | больше 3 лет назад |
Уязвимостей на страницу