Logo
-

Byte Open Security

(ByteOS Network)

Log In

Sign Up

ByteOS

Security
Vulnerability Details
Registries
Custom Views
Weaknesses
Attack Patterns
Filters & Tools
Vulnerability Details :

CVE-2021-21889

Summary
Assigner-talos
Assigner Org ID-b86d76f8-0f8a-4a96-a78d-d8abfc7fc29b
Published At-22 Dec, 2021 | 18:06
Updated At-03 Aug, 2024 | 18:30
Rejected At-
Credits

A stack-based buffer overflow vulnerability exists in the Web Manager Ping functionality of Lantronix PremierWave 2050 8.9.0.0R4 (in QEMU). A specially crafted HTTP request can lead to remote code execution. An attacker can make an authenticated HTTP request to trigger this vulnerability.

Vendors
-
Not available
Products
-
Metrics (CVSS)
VersionBase scoreBase severityVector
Weaknesses
Attack Patterns
Solution/Workaround
References
HyperlinkResource Type
EPSS History
Score
Latest Score
-
N/A
No data available for selected date range
Percentile
Latest Percentile
-
N/A
No data available for selected date range
Stakeholder-Specific Vulnerability Categorization (SSVC)
▼Common Vulnerabilities and Exposures (CVE)
cve.org
Assigner:talos
Assigner Org ID:b86d76f8-0f8a-4a96-a78d-d8abfc7fc29b
Published At:22 Dec, 2021 | 18:06
Updated At:03 Aug, 2024 | 18:30
Rejected At:
▼CVE Numbering Authority (CNA)

A stack-based buffer overflow vulnerability exists in the Web Manager Ping functionality of Lantronix PremierWave 2050 8.9.0.0R4 (in QEMU). A specially crafted HTTP request can lead to remote code execution. An attacker can make an authenticated HTTP request to trigger this vulnerability.

Affected Products
Vendor
n/a
Product
Lantronix
Versions
Affected
  • Lantronix PremierWave 2050 8.9.0.0R4 (in QEMU)
Problem Types
TypeCWE IDDescription
CWECWE-121CWE-121: Stack-based Buffer Overflow
Type: CWE
CWE ID: CWE-121
Description: CWE-121: Stack-based Buffer Overflow
Metrics
VersionBase scoreBase severityVector
3.09.9CRITICAL
CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H
Version: 3.0
Base score: 9.9
Base severity: CRITICAL
Vector:
CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
https://talosintelligence.com/vulnerability_reports/TALOS-2021-1333
x_refsource_MISC
Hyperlink: https://talosintelligence.com/vulnerability_reports/TALOS-2021-1333
Resource:
x_refsource_MISC
▼Authorized Data Publishers (ADP)
CVE Program Container
Affected Products
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
https://talosintelligence.com/vulnerability_reports/TALOS-2021-1333
x_refsource_MISC
x_transferred
Hyperlink: https://talosintelligence.com/vulnerability_reports/TALOS-2021-1333
Resource:
x_refsource_MISC
x_transferred
Information is not available yet
▼National Vulnerability Database (NVD)
nvd.nist.gov
Source:talos-cna@cisco.com
Published At:22 Dec, 2021 | 19:15
Updated At:28 Apr, 2022 | 19:31

A stack-based buffer overflow vulnerability exists in the Web Manager Ping functionality of Lantronix PremierWave 2050 8.9.0.0R4 (in QEMU). A specially crafted HTTP request can lead to remote code execution. An attacker can make an authenticated HTTP request to trigger this vulnerability.

CISA Catalog
Date AddedDue DateVulnerability NameRequired Action
N/A
Date Added: N/A
Due Date: N/A
Vulnerability Name: N/A
Required Action: N/A
Metrics
TypeVersionBase scoreBase severityVector
Primary3.19.9CRITICAL
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H
Secondary3.09.9CRITICAL
CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H
Primary2.06.5MEDIUM
AV:N/AC:L/Au:S/C:P/I:P/A:P
Type: Primary
Version: 3.1
Base score: 9.9
Base severity: CRITICAL
Vector:
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H
Type: Secondary
Version: 3.0
Base score: 9.9
Base severity: CRITICAL
Vector:
CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H
Type: Primary
Version: 2.0
Base score: 6.5
Base severity: MEDIUM
Vector:
AV:N/AC:L/Au:S/C:P/I:P/A:P
CPE Matches
lantronix
lantronix
>>premierwave_2050_firmware>>8.9.0.0
cpe:2.3:o:lantronix:premierwave_2050_firmware:8.9.0.0:r4:*:*:*:*:*:*
lantronix
lantronix
>>premierwave_2050>>-
cpe:2.3:h:lantronix:premierwave_2050:-:*:*:*:*:*:*:*
Weaknesses
CWE IDTypeSource
CWE-787Primarynvd@nist.gov
CWE-121Secondarytalos-cna@cisco.com
CWE ID: CWE-787
Type: Primary
Source: nvd@nist.gov
CWE ID: CWE-121
Type: Secondary
Source: talos-cna@cisco.com
Evaluator Description
Evaluator Impact

Evaluator Solution

Vendor Statements
References
HyperlinkSourceResource
https://talosintelligence.com/vulnerability_reports/TALOS-2021-1333talos-cna@cisco.com
Exploit
Technical Description
Third Party Advisory
Hyperlink: https://talosintelligence.com/vulnerability_reports/TALOS-2021-1333
Source: talos-cna@cisco.com
Resource:
Exploit
Technical Description
Third Party Advisory

Change History

0
Information is not available yet

Similar CVEs

233Records found
CVE-2017-16267
Matching Score-4
Assigner-Talos
ShareView Details
Matching Score-4
Assigner-Talos
CVSS Score-8.5||HIGH
EPSS-0.08% / 25.18%
||
7 Day CHG~0.00%
Published-11 Jan, 2023 | 21:39
Updated-08 Apr, 2025 | 17:55
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Multiple exploitable buffer overflow vulnerabilities exist in the PubNub message handler for the "cc" channel of Insteon Hub running firmware version 1012. Specially crafted commands sent through the PubNub service can cause a stack-based buffer overflow overwriting arbitrary data. An attacker should send an authenticated HTTP request to trigger this vulnerability. In cmd s_b, at 0x9d016578, the value for the `val` key is copied using `strcpy` to the buffer at `$sp+0x2b0`.This buffer is 32 bytes large, sending anything longer will cause a buffer overflow.

Action-Not Available
Vendor-Insteon Technologies, Inc
Product-hub_firmwarehubHub
CWE ID-CWE-121
Stack-based Buffer Overflow
CWE ID-CWE-787
Out-of-bounds Write
CVE-2017-16298
Matching Score-4
Assigner-Talos
ShareView Details
Matching Score-4
Assigner-Talos
CVSS Score-8.5||HIGH
EPSS-0.08% / 25.18%
||
7 Day CHG~0.00%
Published-11 Jan, 2023 | 21:39
Updated-08 Apr, 2025 | 16:05
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Multiple exploitable buffer overflow vulnerabilities exist in the PubNub message handler for the "cc" channel of Insteon Hub running firmware version 1012. Specially crafted commands sent through the PubNub service can cause a stack-based buffer overflow overwriting arbitrary data. An attacker should send an authenticated HTTP request to trigger this vulnerability. In cmd s_schd, at 0x9d01a264, the value for the `offcmd` key is copied using `strcpy` to the buffer at `$sp+0x334`.This buffer is 100 bytes large, sending anything longer will cause a buffer overflow.

Action-Not Available
Vendor-Insteon Technologies, Inc
Product-insteon_hub_firmwareinsteon_hubHub
CWE ID-CWE-121
Stack-based Buffer Overflow
CVE-2017-16300
Matching Score-4
Assigner-Talos
ShareView Details
Matching Score-4
Assigner-Talos
CVSS Score-8.5||HIGH
EPSS-0.08% / 25.18%
||
7 Day CHG~0.00%
Published-11 Jan, 2023 | 21:39
Updated-08 Apr, 2025 | 16:02
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Multiple exploitable buffer overflow vulnerabilities exist in the PubNub message handler for the "cc" channel of Insteon Hub running firmware version 1012. Specially crafted commands sent through the PubNub service can cause a stack-based buffer overflow overwriting arbitrary data. An attacker should send an authenticated HTTP request to trigger this vulnerability. In cmd sn_ex, at 0x9d01ac74, the value for the `id` key is copied using `strcpy` to the buffer at `$sp+0x290`.This buffer is 32 bytes large, sending anything longer will cause a buffer overflow.

Action-Not Available
Vendor-Insteon Technologies, Inc
Product-insteon_hub_firmwareinsteon_hubHub
CWE ID-CWE-121
Stack-based Buffer Overflow
CVE-2017-16324
Matching Score-4
Assigner-Talos
ShareView Details
Matching Score-4
Assigner-Talos
CVSS Score-8.5||HIGH
EPSS-0.08% / 25.18%
||
7 Day CHG~0.00%
Published-11 Jan, 2023 | 21:40
Updated-08 Apr, 2025 | 15:57
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Multiple exploitable buffer overflow vulnerabilities exist in the PubNub message handler for the "cc" channel of Insteon Hub running firmware version 1012. Specially crafted commands sent through the PubNub service can cause a stack-based buffer overflow overwriting arbitrary data. An attacker should send an authenticated HTTP request to trigger this vulnerability. In cmd s_sonos, at 0x9d01e368, the value for the `s_group_vol` key is copied using `strcpy` to the buffer at `$sp+0x2b0`.This buffer is 32 bytes large, sending anything longer will cause a buffer overflow.

Action-Not Available
Vendor-Insteon Technologies, Inc
Product-hub_firmwarehubHub
CWE ID-CWE-121
Stack-based Buffer Overflow
CVE-2017-16296
Matching Score-4
Assigner-Talos
ShareView Details
Matching Score-4
Assigner-Talos
CVSS Score-8.5||HIGH
EPSS-0.08% / 25.18%
||
7 Day CHG~0.00%
Published-11 Jan, 2023 | 21:39
Updated-08 Apr, 2025 | 15:40
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Multiple exploitable buffer overflow vulnerabilities exist in the PubNub message handler for the "cc" channel of Insteon Hub running firmware version 1012. Specially crafted commands sent through the PubNub service can cause a stack-based buffer overflow overwriting arbitrary data. An attacker should send an authenticated HTTP request to trigger this vulnerability. In cmd s_schd, at 0x9d01a1d4, the value for the `days` key is copied using `strcpy` to the buffer at `$sp+0x2b0`.This buffer is 32 bytes large, sending anything longer will cause a buffer overflow.

Action-Not Available
Vendor-Insteon Technologies, Inc
Product-insteon_hub_firmwareinsteon_hubHub
CWE ID-CWE-121
Stack-based Buffer Overflow
CVE-2017-16323
Matching Score-4
Assigner-Talos
ShareView Details
Matching Score-4
Assigner-Talos
CVSS Score-8.5||HIGH
EPSS-0.08% / 25.18%
||
7 Day CHG~0.00%
Published-11 Jan, 2023 | 21:40
Updated-08 Apr, 2025 | 15:57
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Multiple exploitable buffer overflow vulnerabilities exist in the PubNub message handler for the "cc" channel of Insteon Hub running firmware version 1012. Specially crafted commands sent through the PubNub service can cause a stack-based buffer overflow overwriting arbitrary data. An attacker should send an authenticated HTTP request to trigger this vulnerability. In cmd s_sonos, at 0x9d01e2f4, the value for the `s_group` key is copied using `strcpy` to the buffer at `$sp+0x2b0`.This buffer is 32 bytes large, sending anything longer will cause a buffer overflow.

Action-Not Available
Vendor-Insteon Technologies, Inc
Product-hub_firmwarehubHub
CWE ID-CWE-121
Stack-based Buffer Overflow
CVE-2017-16299
Matching Score-4
Assigner-Talos
ShareView Details
Matching Score-4
Assigner-Talos
CVSS Score-8.5||HIGH
EPSS-0.08% / 25.18%
||
7 Day CHG~0.00%
Published-11 Jan, 2023 | 21:39
Updated-08 Apr, 2025 | 16:04
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Multiple exploitable buffer overflow vulnerabilities exist in the PubNub message handler for the "cc" channel of Insteon Hub running firmware version 1012. Specially crafted commands sent through the PubNub service can cause a stack-based buffer overflow overwriting arbitrary data. An attacker should send an authenticated HTTP request to trigger this vulnerability. In cmd sn_raw, at 0x9d01aad8, the value for the `d` key is copied using `strcpy` to the buffer at `$sp+0x334`.This buffer is 100 bytes large, sending anything longer will cause a buffer overflow.

Action-Not Available
Vendor-Insteon Technologies, Inc
Product-insteon_hub_firmwareinsteon_hubHub
CWE ID-CWE-121
Stack-based Buffer Overflow
CVE-2017-16263
Matching Score-4
Assigner-Talos
ShareView Details
Matching Score-4
Assigner-Talos
CVSS Score-8.5||HIGH
EPSS-0.08% / 25.18%
||
7 Day CHG~0.00%
Published-11 Jan, 2023 | 21:39
Updated-08 Apr, 2025 | 18:13
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Multiple exploitable buffer overflow vulnerabilities exist in the PubNub message handler for the "cc" channel of Insteon Hub running firmware version 1012. Specially crafted commands sent through the PubNub service can cause a stack-based buffer overflow overwriting arbitrary data. An attacker should send an authenticated HTTP request to trigger this vulnerability. In cmd g_b, at 0x9d015a8c, the value for the `val` key is copied using `strcpy` to the buffer at `$sp+0x2b0`.This buffer is 32 bytes large, sending anything longer will cause a buffer overflow.

Action-Not Available
Vendor-Insteon Technologies, Inc
Product-hub_firmwarehubHub
CWE ID-CWE-121
Stack-based Buffer Overflow
CWE ID-CWE-787
Out-of-bounds Write
CVE-2017-16285
Matching Score-4
Assigner-Talos
ShareView Details
Matching Score-4
Assigner-Talos
CVSS Score-8.5||HIGH
EPSS-0.08% / 24.61%
||
7 Day CHG~0.00%
Published-11 Jan, 2023 | 21:39
Updated-08 Apr, 2025 | 16:07
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Multiple exploitable buffer overflow vulnerabilities exist in the PubNub message handler for the "cc" channel of Insteon Hub running firmware version 1012. Specially crafted commands sent through the PubNub service can cause a stack-based buffer overflow overwriting arbitrary data. An attacker should send an authenticated HTTP request to trigger this vulnerability. In cmd s_time, at 0x9d018e58, the value for the `offset` key is copied using `strcpy` to the buffer at `$sp+0x2d0`.This buffer is 100 bytes large, sending anything longer will cause a buffer overflow.

Action-Not Available
Vendor-Insteon Technologies, Inc
Product-hub_firmwarehubHub
CWE ID-CWE-121
Stack-based Buffer Overflow
CVE-2017-16280
Matching Score-4
Assigner-Talos
ShareView Details
Matching Score-4
Assigner-Talos
CVSS Score-8.5||HIGH
EPSS-0.08% / 23.76%
||
7 Day CHG~0.00%
Published-11 Jan, 2023 | 21:39
Updated-08 Apr, 2025 | 17:52
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Multiple exploitable buffer overflow vulnerabilities exist in the PubNub message handler for the "cc" channel of Insteon Hub running firmware version 1012. Specially crafted commands sent through the PubNub service can cause a stack-based buffer overflow overwriting arbitrary data. An attacker should send an authenticated HTTP request to trigger this vulnerability. In cmd s_net, at 0x9d0181ec, the value for the `gate` key is copied using `strcpy` to the buffer at `$sp+0x290`.This buffer is 32 bytes large, sending anything longer will cause a buffer overflow.

Action-Not Available
Vendor-Insteon Technologies, Inc
Product-hub_firmwarehubHub
CWE ID-CWE-121
Stack-based Buffer Overflow
CVE-2017-16266
Matching Score-4
Assigner-Talos
ShareView Details
Matching Score-4
Assigner-Talos
CVSS Score-8.5||HIGH
EPSS-0.08% / 25.18%
||
7 Day CHG~0.00%
Published-11 Jan, 2023 | 21:39
Updated-08 Apr, 2025 | 17:55
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Multiple exploitable buffer overflow vulnerabilities exist in the PubNub message handler for the "cc" channel of Insteon Hub running firmware version 1012. Specially crafted commands sent through the PubNub service can cause a stack-based buffer overflow overwriting arbitrary data. An attacker should send an authenticated HTTP request to trigger this vulnerability. In cmd s_b, at 0x9d016530, the value for the `grp` key is copied using `strcpy` to the buffer at `$sp+0x1b4`.This buffer is 8 bytes large, sending anything longer will cause a buffer overflow.

Action-Not Available
Vendor-Insteon Technologies, Inc
Product-hub_firmwarehubHub
CWE ID-CWE-121
Stack-based Buffer Overflow
CWE ID-CWE-787
Out-of-bounds Write
CVE-2017-16276
Matching Score-4
Assigner-Talos
ShareView Details
Matching Score-4
Assigner-Talos
CVSS Score-8.5||HIGH
EPSS-0.08% / 23.76%
||
7 Day CHG~0.00%
Published-11 Jan, 2023 | 21:39
Updated-09 Apr, 2025 | 14:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Multiple exploitable buffer overflow vulnerabilities exist in the PubNub message handler for the "cc" channel of Insteon Hub running firmware version 1012. Specially crafted commands sent through the PubNub service can cause a stack-based buffer overflow overwriting arbitrary data. An attacker should send an authenticated HTTP request to trigger this vulnerability. In cmd sn_grp, at 0x9d0175f4, the value for the `gbt` key is copied using `strcpy` to the buffer at `$sp+0x280`.This buffer is 16 bytes large, sending anything longer will cause a buffer overflow.

Action-Not Available
Vendor-Insteon Technologies, Inc
Product-hubhub_firmwareHub
CWE ID-CWE-121
Stack-based Buffer Overflow
CVE-2017-16303
Matching Score-4
Assigner-Talos
ShareView Details
Matching Score-4
Assigner-Talos
CVSS Score-8.5||HIGH
EPSS-0.08% / 25.18%
||
7 Day CHG~0.00%
Published-11 Jan, 2023 | 21:39
Updated-08 Apr, 2025 | 16:01
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Multiple exploitable buffer overflow vulnerabilities exist in the PubNub message handler for the "cc" channel of Insteon Hub running firmware version 1012. Specially crafted commands sent through the PubNub service can cause a stack-based buffer overflow overwriting arbitrary data. An attacker should send an authenticated HTTP request to trigger this vulnerability. In cmd sn_ex, at 0x9d01addc, the value for the `cmd2` key is copied using `strcpy` to the buffer at `$sp+0x280`.This buffer is 16 bytes large, sending anything longer will cause a buffer overflow.

Action-Not Available
Vendor-Insteon Technologies, Inc
Product-hub_firmwarehubHub
CWE ID-CWE-121
Stack-based Buffer Overflow
CVE-2017-16328
Matching Score-4
Assigner-Talos
ShareView Details
Matching Score-4
Assigner-Talos
CVSS Score-8.5||HIGH
EPSS-0.08% / 25.18%
||
7 Day CHG~0.00%
Published-11 Jan, 2023 | 21:40
Updated-08 Apr, 2025 | 14:35
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Multiple exploitable buffer overflow vulnerabilities exist in the PubNub message handler for the "cc" channel of Insteon Hub running firmware version 1012. Specially crafted commands sent through the PubNub service can cause a stack-based buffer overflow overwriting arbitrary data. An attacker should send an authenticated HTTP request to trigger this vulnerability. In cmd s_event_alarm, at 0x9d01eb08, the value for the `s_event_offset` key is copied using `strcpy` to the buffer at `$sp+0x2b0`.This buffer is 32 bytes large, sending anything longer will cause a buffer overflow.

Action-Not Available
Vendor-Insteon Technologies, Inc
Product-hub_firmwarehubHub
CWE ID-CWE-121
Stack-based Buffer Overflow
CVE-2017-16264
Matching Score-4
Assigner-Talos
ShareView Details
Matching Score-4
Assigner-Talos
CVSS Score-8.5||HIGH
EPSS-0.08% / 25.18%
||
7 Day CHG~0.00%
Published-11 Jan, 2023 | 21:39
Updated-08 Apr, 2025 | 18:10
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Multiple exploitable buffer overflow vulnerabilities exist in the PubNub message handler for the "cc" channel of Insteon Hub running firmware version 1012. Specially crafted commands sent through the PubNub service can cause a stack-based buffer overflow overwriting arbitrary data. An attacker should send an authenticated HTTP request to trigger this vulnerability. In cmd l_b, at 0x9d015cfc, the value for the `grp` key is copied using `strcpy` to the buffer at `$sp+0x1b4`.This buffer is 8 bytes large, sending anything longer will cause a buffer overflow.

Action-Not Available
Vendor-Insteon Technologies, Inc
Product-hub_firmwarehubHub
CWE ID-CWE-121
Stack-based Buffer Overflow
CWE ID-CWE-787
Out-of-bounds Write
CVE-2017-16335
Matching Score-4
Assigner-Talos
ShareView Details
Matching Score-4
Assigner-Talos
CVSS Score-8.5||HIGH
EPSS-0.08% / 23.76%
||
7 Day CHG~0.00%
Published-11 Jan, 2023 | 21:40
Updated-08 Apr, 2025 | 14:24
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Multiple exploitable buffer overflow vulnerabilities exist in the PubNub message handler for the "cc" channel of Insteon Hub running firmware version 1012. Specially crafted commands sent through the PubNub service can cause a stack-based buffer overflow overwriting arbitrary data. An attacker should send an authenticated HTTP request to trigger this vulnerability. In cmd s_event_var, at 0x9d01ee70, the value for the `s_offset` key is copied using `strcpy` to the buffer at `$sp+0x2b0`.This buffer is 32 bytes large, sending anything longer will cause a buffer overflow.

Action-Not Available
Vendor-Insteon Technologies, Inc
Product-hub_firmwarehubHub
CWE ID-CWE-121
Stack-based Buffer Overflow
CVE-2017-16278
Matching Score-4
Assigner-Talos
ShareView Details
Matching Score-4
Assigner-Talos
CVSS Score-8.5||HIGH
EPSS-0.08% / 23.76%
||
7 Day CHG~0.00%
Published-11 Jan, 2023 | 21:39
Updated-09 Apr, 2025 | 14:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Multiple exploitable buffer overflow vulnerabilities exist in the PubNub message handler for the "cc" channel of Insteon Hub running firmware version 1012. Specially crafted commands sent through the PubNub service can cause a stack-based buffer overflow overwriting arbitrary data. An attacker should send an authenticated HTTP request to trigger this vulnerability. In cmd s_net, at 0x9d01815c, the value for the `ip` key is copied using `strcpy` to the buffer at `$sp+0x2d0`.This buffer is 100 bytes large, sending anything longer will cause a buffer overflow.

Action-Not Available
Vendor-Insteon Technologies, Inc
Product-hubhub_firmwareHub
CWE ID-CWE-121
Stack-based Buffer Overflow
CVE-2017-16317
Matching Score-4
Assigner-Talos
ShareView Details
Matching Score-4
Assigner-Talos
CVSS Score-8.5||HIGH
EPSS-0.08% / 23.76%
||
7 Day CHG~0.00%
Published-11 Jan, 2023 | 21:40
Updated-08 Apr, 2025 | 14:38
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Multiple exploitable buffer overflow vulnerabilities exist in the PubNub message handler for the "cc" channel of Insteon Hub running firmware version 1012. Specially crafted commands sent through the PubNub service can cause a stack-based buffer overflow overwriting arbitrary data. An attacker should send an authenticated HTTP request to trigger this vulnerability. In cmd s_sonos, at 0x9d01d068, the value for the `g_group` key is copied using `strcpy` to the buffer at `$sp+0x2b0`.This buffer is 32 bytes large, sending anything longer will cause a buffer overflow.

Action-Not Available
Vendor-Insteon Technologies, Inc
Product-hub_firmwarehubHub
CWE ID-CWE-121
Stack-based Buffer Overflow
CVE-2017-16287
Matching Score-4
Assigner-Talos
ShareView Details
Matching Score-4
Assigner-Talos
CVSS Score-8.5||HIGH
EPSS-0.08% / 24.61%
||
7 Day CHG~0.00%
Published-11 Jan, 2023 | 21:39
Updated-08 Apr, 2025 | 16:06
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Multiple exploitable buffer overflow vulnerabilities exist in the PubNub message handler for the "cc" channel of Insteon Hub running firmware version 1012. Specially crafted commands sent through the PubNub service can cause a stack-based buffer overflow overwriting arbitrary data. An attacker should send an authenticated HTTP request to trigger this vulnerability. In cmd s_time, at 0x9d018f00, the value for the `dstend` key is copied using `strcpy` to the buffer at `$sp+0x270`.This buffer is 16 bytes large, sending anything longer will cause a buffer overflow.

Action-Not Available
Vendor-Insteon Technologies, Inc
Product-hub_firmwarehubHub
CWE ID-CWE-121
Stack-based Buffer Overflow
CVE-2017-16307
Matching Score-4
Assigner-Talos
ShareView Details
Matching Score-4
Assigner-Talos
CVSS Score-8.5||HIGH
EPSS-0.08% / 23.76%
||
7 Day CHG~0.00%
Published-11 Jan, 2023 | 21:39
Updated-09 Apr, 2025 | 14:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Multiple exploitable buffer overflow vulnerabilities exist in the PubNub message handler for the "cc" channel of Insteon Hub running firmware version 1012. Specially crafted commands sent through the PubNub service can cause a stack-based buffer overflow overwriting arbitrary data. An attacker should send an authenticated HTTP request to trigger this vulnerability. In cmd sn_exw, at 0x9d01b310, the value for the `cmd1` key is copied using `strcpy` to the buffer at `$sp+0x2d0`.This buffer is 100 bytes large, sending anything longer will cause a buffer overflow.

Action-Not Available
Vendor-Insteon Technologies, Inc
Product-hubhub_firmwareHub
CWE ID-CWE-121
Stack-based Buffer Overflow
CVE-2017-16316
Matching Score-4
Assigner-Talos
ShareView Details
Matching Score-4
Assigner-Talos
CVSS Score-8.5||HIGH
EPSS-0.08% / 23.76%
||
7 Day CHG~0.00%
Published-11 Jan, 2023 | 21:40
Updated-08 Apr, 2025 | 15:01
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Multiple exploitable buffer overflow vulnerabilities exist in the PubNub message handler for the "cc" channel of Insteon Hub running firmware version 1012. Specially crafted commands sent through the PubNub service can cause a stack-based buffer overflow overwriting arbitrary data. An attacker should send an authenticated HTTP request to trigger this vulnerability. In cmd s_sonos, at 0x9d01c898, the value for the `g_meta_page` key is copied using `strcpy` to the buffer at `$sp+0x2b0`.This buffer is 32 bytes large, sending anything longer will cause a buffer overflow.

Action-Not Available
Vendor-Insteon Technologies, Inc
Product-hub_firmwarehubHub
CWE ID-CWE-121
Stack-based Buffer Overflow
CVE-2017-16315
Matching Score-4
Assigner-Talos
ShareView Details
Matching Score-4
Assigner-Talos
CVSS Score-8.5||HIGH
EPSS-0.08% / 23.76%
||
7 Day CHG~0.00%
Published-11 Jan, 2023 | 21:40
Updated-08 Apr, 2025 | 15:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Multiple exploitable buffer overflow vulnerabilities exist in the PubNub message handler for the "cc" channel of Insteon Hub running firmware version 1012. Specially crafted commands sent through the PubNub service can cause a stack-based buffer overflow overwriting arbitrary data. An attacker should send an authenticated HTTP request to trigger this vulnerability. In cmd s_sonos, at 0x9d01c3a0, the value for the `s_state` key is copied using `strcpy` to the buffer at `$sp+0x2b0`.This buffer is 32 bytes large, sending anything longer will cause a buffer overflow.

Action-Not Available
Vendor-Insteon Technologies, Inc
Product-hub_firmwarehubHub
CWE ID-CWE-121
Stack-based Buffer Overflow
CVE-2017-16265
Matching Score-4
Assigner-Talos
ShareView Details
Matching Score-4
Assigner-Talos
CVSS Score-8.5||HIGH
EPSS-0.08% / 25.18%
||
7 Day CHG~0.00%
Published-11 Jan, 2023 | 21:39
Updated-08 Apr, 2025 | 18:02
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Multiple exploitable buffer overflow vulnerabilities exist in the PubNub message handler for the "cc" channel of Insteon Hub running firmware version 1012. Specially crafted commands sent through the PubNub service can cause a stack-based buffer overflow overwriting arbitrary data. An attacker should send an authenticated HTTP request to trigger this vulnerability. In cmd l_bt, at 0x9d016104, the value for the `grp` key is copied using `strcpy` to the buffer at `$sp+0x1b4`.This buffer is 8 bytes large, sending anything longer will cause a buffer overflow.

Action-Not Available
Vendor-Insteon Technologies, Inc
Product-hub_firmwarehubHub
CWE ID-CWE-121
Stack-based Buffer Overflow
CWE ID-CWE-787
Out-of-bounds Write
CVE-2017-16305
Matching Score-4
Assigner-Talos
ShareView Details
Matching Score-4
Assigner-Talos
CVSS Score-8.5||HIGH
EPSS-0.08% / 23.76%
||
7 Day CHG~0.00%
Published-11 Jan, 2023 | 21:39
Updated-08 Apr, 2025 | 16:00
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Multiple exploitable buffer overflow vulnerabilities exist in the PubNub message handler for the "cc" channel of Insteon Hub running firmware version 1012. Specially crafted commands sent through the PubNub service can cause a stack-based buffer overflow overwriting arbitrary data. An attacker should send an authenticated HTTP request to trigger this vulnerability. In cmd sn_exw, at 0x9d01b20c, the value for the `id` key is copied using `strcpy` to the buffer at `$sp+0x290`.This buffer is 32 bytes large, sending anything longer will cause a buffer overflow.

Action-Not Available
Vendor-Insteon Technologies, Inc
Product-hub_firmwarehubHub
CWE ID-CWE-121
Stack-based Buffer Overflow
CVE-2021-26096
Matching Score-4
Assigner-Fortinet, Inc.
ShareView Details
Matching Score-4
Assigner-Fortinet, Inc.
CVSS Score-6.4||MEDIUM
EPSS-0.53% / 66.03%
||
7 Day CHG~0.00%
Published-04 Aug, 2021 | 17:57
Updated-25 Oct, 2024 | 13:52
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Multiple instances of heap-based buffer overflow in the command shell of FortiSandbox before 4.0.0 may allow an authenticated attacker to manipulate memory and alter its content by means of specifically crafted command line arguments.

Action-Not Available
Vendor-Fortinet, Inc.
Product-fortisandboxFortinet FortiSandbox
CWE ID-CWE-787
Out-of-bounds Write
CVE-2021-25478
Matching Score-4
Assigner-Samsung Mobile
ShareView Details
Matching Score-4
Assigner-Samsung Mobile
CVSS Score-7.2||HIGH
EPSS-0.23% / 45.79%
||
7 Day CHG~0.00%
Published-06 Oct, 2021 | 17:09
Updated-03 Aug, 2024 | 20:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A possible stack-based buffer overflow vulnerability in Exynos CP Chipset prior to SMR Oct-2021 Release 1 allows arbitrary memory write and code execution.

Action-Not Available
Vendor-Google LLCSamsungSamsung Electronics
Product-androidexynosSamsung Mobile Devices
CWE ID-CWE-121
Stack-based Buffer Overflow
CWE ID-CWE-787
Out-of-bounds Write
CVE-2021-26567
Matching Score-4
Assigner-Synology Inc.
ShareView Details
Matching Score-4
Assigner-Synology Inc.
CVSS Score-7.8||HIGH
EPSS-1.13% / 77.41%
||
7 Day CHG~0.00%
Published-26 Feb, 2021 | 21:45
Updated-14 Jan, 2025 | 19:29
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Stack-based buffer overflow vulnerability in frontend/main.c in faad2 before 2.2.7.1 allow local attackers to execute arbitrary code via filename and pathname options.

Action-Not Available
Vendor-faad2_projectgithub/knik0Synology, Inc.
Product-uc3200vs960hd_firmwarevs960hdskynas_firmwarefaad2diskstation_manager_unified_controllerdiskstation_managerskynasfaad2
CWE ID-CWE-121
Stack-based Buffer Overflow
CWE ID-CWE-787
Out-of-bounds Write
CVE-2021-23850
Matching Score-4
Assigner-Robert Bosch GmbH
ShareView Details
Matching Score-4
Assigner-Robert Bosch GmbH
CVSS Score-6.8||MEDIUM
EPSS-0.27% / 49.91%
||
7 Day CHG~0.00%
Published-30 Mar, 2022 | 16:03
Updated-17 Sep, 2024 | 02:57
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Buffer Overflow vulnerability in the recovery image telnet server

A specially crafted TCP/IP packet may cause a camera recovery image telnet interface to crash. It may also cause a buffer overflow which could enable remote code execution. The recovery image can only be booted with administrative rights or with physical access to the camera and allows the upload of a new firmware in case of a damaged firmware.

Action-Not Available
Vendor-Robert Bosch GmbH
Product-flexidome_ip_panoramic_6000dinion_hd_720pdinion_ip_starlight_7000_hddinion_ip_ultra_8000flexidome_ip_starlight_7000_firmwareflexidome_ip_indoor_5000_hddinion_ip_5000_hddinion_ip_bullet_4000_firmwareflexidome_ip_starlight_5000i_firmwaremic_ip_starlight_7000ip_micro_2000_firmwaredinion_ip_starlight_7000_firmwaredinion_ip_thermal_8000_firmwaredinion_ip_bullet_4000autodome_ip_5000iautodome_ip_4000_hddinion_ip_bullet_5000autodome_ip_starlight_5000i_firmwaremic_ip_starlight_7100i_firmwaredinion_ip_thermal_9000_rmflexidome_corner_9000_mp_firmwareflexidome_ip_micro_2000_ipdinion_hd_1080pdinion_ip_starlight_8000_firmwareflexidome_ip_5000i_firmwareflexidome_hd_1080p_firmwarevandal-proof_flexidome_hd_1080p_hdrflexidome_ip_starlight_8000idinion_hd_1080p_hdr_firmwaremic_ip_starlight_7000i_firmwareip_bullet_5000_hd_firmwareip_bullet_4000_hd_firmwareflexidome_ip_micro_2000_hdmic_ip_starlight_7100iflexidome_ip_outdoor_4000_hd_firmwaredinion_ip_bullet_5000i_firmwaredinion_hd_720p_firmwareflexidome_ip_indoor_5000_hd_firmwareautodome_ip_5000i_firmwareautodome_ip_4000_hd_firmwareflexidome_ip_starlight_6000_firmwareautodome_ip_5000_ir_firmwareflexidome_ip_panoramic_5000_firmwareflexidome_ip_micro_2000_hd_firmwaremic_ip_fusion_9000iflexidome_ip_starlight_7000flexidome_ip_indoor_4000_hd_firmwareflexidome_ip_outdoor_4000_irflexidome_ip_outdoor_4000_ir_firmwareflexidome_ip_micro_5000_mp_firmwaredinion_hd_1080p_hdrflexidome_ip_outdoor_5000_hd_firmwaremic_ip_starlight_7000idinion_ip_starlight_6000autodome_7000autodome_ip_starlight_7000i_firmwareflexidome_ip_starlight_8000i_firmwaremic_ip_starlight_7000_firmwareip_bullet_4000_hdvandal-proof_flexidome_hd_1080p_firmwareflexidome_hd_1080p_hdrdinion_ip_5000_mp_firmwareaviotec_ip_starlight_8000_firmwareip_micro_2000_hddinion_ip_starlight_8000dinion_ip_thermal_8000flexidome_ip_panoramic_6000_firmwaredinion_ip_bullet_6000iflexidome_ip_starlight_6000dinion_ip_starlight_7000_hd_firmwareflexidome_ip_micro_2000_ip_firmwareflexidome_hd_720p_firmwaredinion_hd_1080p_firmwareflexidome_ip_panoramic_7000_firmwareflexidome_ip_panoramic_5000flexidome_ip_indoor_5000_mpdinion_ip_ultra_8000_firmwaredinion_ip_bullet_4000iflexidome_ip_outdoor_4000_hddinion_ip_3000iautodome_ip_starlight_7000iip_micro_2000_hd_firmwaredinion_ip_bullet_4000i_firmwarevandal-proof_flexidome_hd_1080p_hdr_firmwaredinion_ip_starlight_6000_firmwaremic_ip_dynamic_7000mic_ip_ultra_7100iflexidome_ip_indoor_4000_irtinyon_ip_2000dinion_ip_3000i_firmwaredinion_ip_starlight_7000dinion_ip_4000_hdflexidome_hd_1080p_hdr_firmwareflexidome_ip_outdoor_5000_mpvandal-proof_flexidome_hd_1080pmic_ip_fusion_9000i_firmwareautodome_ip_5000_irflexidome_ip_3000i_firmwaredinion_imager_9000_hdmic_ip_ultra_7100i_firmwareflexidome_corner_9000_mpautodome_ip_5000_hd_firmwaredinion_ip_5000_hd_firmwaredinion_ip_5000_mpmic_ip_dynamic_7000_firmwareflexidome_ip_4000iaviotec_ip_starlight_8000flexidome_ip_indoor_4000_ir_firmwareip_bullet_5000_hdflexidome_ip_outdoor_5000_mp_firmwarevandal-proof_flexidome_hd_720p_firmwareautodome_ip_4000i_firmwaretinyon_ip_2000_firmwareflexidome_ip_outdoor_5000_hdflexidome_ip_4000i_firmwaredinion_ip_4000_hd_firmwaredinion_ip_thermal_9000_rm_firmwareflexidome_ip_starlight_5000idinion_ip_bullet_5000iflexidome_ip_indoor_4000_hdflexidome_hd_1080pdinion_ip_bullet_5000_firmwareautodome_ip_4000iautodome_7000_firmwareflexidome_ip_micro_5000_mpdinion_ip_bullet_6000i_firmwaredinion_imager_9000_hd_firmwareflexidome_ip_5000iip_micro_2000flexidome_hd_720pvandal-proof_flexidome_hd_720pautodome_ip_starlight_5000iflexidome_ip_indoor_5000_mp_firmwareflexidome_ip_3000iflexidome_ip_panoramic_7000autodome_ip_5000_hdCPP Firmware
CWE ID-CWE-121
Stack-based Buffer Overflow
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2021-23851
Matching Score-4
Assigner-Robert Bosch GmbH
ShareView Details
Matching Score-4
Assigner-Robert Bosch GmbH
CVSS Score-6.8||MEDIUM
EPSS-0.24% / 46.44%
||
7 Day CHG~0.00%
Published-30 Mar, 2022 | 16:03
Updated-16 Sep, 2024 | 18:39
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Buffer Overflow vulnerability in the recovery image web-based interface

A specially crafted TCP/IP packet may cause the camera recovery image web interface to crash. It may also cause a buffer overflow which could enable remote code execution. The recovery image can only be booted with administrative rights or with physical access to the camera and allows the upload of a new firmware in case of a damaged firmware.

Action-Not Available
Vendor-Robert Bosch GmbH
Product-flexidome_ip_panoramic_6000dinion_hd_720pdinion_ip_starlight_7000_hddinion_ip_ultra_8000flexidome_ip_starlight_7000_firmwareflexidome_ip_indoor_5000_hddinion_ip_5000_hddinion_ip_bullet_4000_firmwareflexidome_ip_starlight_5000i_firmwaremic_ip_starlight_7000ip_micro_2000_firmwaredinion_ip_starlight_7000_firmwaredinion_ip_thermal_8000_firmwaredinion_ip_bullet_4000autodome_ip_5000iautodome_ip_4000_hddinion_ip_bullet_5000autodome_ip_starlight_5000i_firmwaremic_ip_starlight_7100i_firmwaredinion_ip_thermal_9000_rmflexidome_corner_9000_mp_firmwareflexidome_ip_micro_2000_ipdinion_hd_1080pdinion_ip_starlight_8000_firmwareflexidome_ip_5000i_firmwareflexidome_hd_1080p_firmwarevandal-proof_flexidome_hd_1080p_hdrflexidome_ip_starlight_8000idinion_hd_1080p_hdr_firmwaremic_ip_starlight_7000i_firmwareip_bullet_5000_hd_firmwareip_bullet_4000_hd_firmwareflexidome_ip_micro_2000_hdmic_ip_starlight_7100iflexidome_ip_outdoor_4000_hd_firmwaredinion_ip_bullet_5000i_firmwaredinion_hd_720p_firmwareflexidome_ip_indoor_5000_hd_firmwareautodome_ip_5000i_firmwareautodome_ip_4000_hd_firmwareflexidome_ip_starlight_6000_firmwareautodome_ip_5000_ir_firmwareflexidome_ip_panoramic_5000_firmwareflexidome_ip_micro_2000_hd_firmwaremic_ip_fusion_9000iflexidome_ip_starlight_7000flexidome_ip_indoor_4000_hd_firmwareflexidome_ip_outdoor_4000_irflexidome_ip_outdoor_4000_ir_firmwareflexidome_ip_micro_5000_mp_firmwaredinion_hd_1080p_hdrflexidome_ip_outdoor_5000_hd_firmwaremic_ip_starlight_7000idinion_ip_starlight_6000autodome_7000autodome_ip_starlight_7000i_firmwareflexidome_ip_starlight_8000i_firmwaremic_ip_starlight_7000_firmwareip_bullet_4000_hdvandal-proof_flexidome_hd_1080p_firmwareflexidome_hd_1080p_hdrdinion_ip_5000_mp_firmwareaviotec_ip_starlight_8000_firmwareip_micro_2000_hddinion_ip_starlight_8000dinion_ip_thermal_8000flexidome_ip_panoramic_6000_firmwaredinion_ip_bullet_6000iflexidome_ip_starlight_6000dinion_ip_starlight_7000_hd_firmwareflexidome_ip_micro_2000_ip_firmwareflexidome_hd_720p_firmwaredinion_hd_1080p_firmwareflexidome_ip_panoramic_7000_firmwareflexidome_ip_panoramic_5000flexidome_ip_indoor_5000_mpdinion_ip_ultra_8000_firmwaredinion_ip_bullet_4000iflexidome_ip_outdoor_4000_hddinion_ip_3000iautodome_ip_starlight_7000iip_micro_2000_hd_firmwaredinion_ip_bullet_4000i_firmwarevandal-proof_flexidome_hd_1080p_hdr_firmwaredinion_ip_starlight_6000_firmwaremic_ip_dynamic_7000mic_ip_ultra_7100iflexidome_ip_indoor_4000_irtinyon_ip_2000dinion_ip_3000i_firmwaredinion_ip_starlight_7000dinion_ip_4000_hdflexidome_hd_1080p_hdr_firmwareflexidome_ip_outdoor_5000_mpvandal-proof_flexidome_hd_1080pmic_ip_fusion_9000i_firmwareautodome_ip_5000_irflexidome_ip_3000i_firmwaredinion_imager_9000_hdmic_ip_ultra_7100i_firmwareflexidome_corner_9000_mpautodome_ip_5000_hd_firmwaredinion_ip_5000_hd_firmwaredinion_ip_5000_mpmic_ip_dynamic_7000_firmwareflexidome_ip_4000iaviotec_ip_starlight_8000flexidome_ip_indoor_4000_ir_firmwareip_bullet_5000_hdflexidome_ip_outdoor_5000_mp_firmwarevandal-proof_flexidome_hd_720p_firmwareautodome_ip_4000i_firmwaretinyon_ip_2000_firmwareflexidome_ip_outdoor_5000_hdflexidome_ip_4000i_firmwaredinion_ip_4000_hd_firmwaredinion_ip_thermal_9000_rm_firmwareflexidome_ip_starlight_5000idinion_ip_bullet_5000iflexidome_ip_indoor_4000_hdflexidome_hd_1080pdinion_ip_bullet_5000_firmwareautodome_ip_4000iautodome_7000_firmwareflexidome_ip_micro_5000_mpdinion_ip_bullet_6000i_firmwaredinion_imager_9000_hd_firmwareflexidome_ip_5000iip_micro_2000flexidome_hd_720pvandal-proof_flexidome_hd_720pautodome_ip_starlight_5000iflexidome_ip_indoor_5000_mp_firmwareflexidome_ip_3000iflexidome_ip_panoramic_7000autodome_ip_5000_hdCPP Firmware
CWE ID-CWE-121
Stack-based Buffer Overflow
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2021-20043
Matching Score-4
Assigner-SonicWall, Inc.
ShareView Details
Matching Score-4
Assigner-SonicWall, Inc.
CVSS Score-8.8||HIGH
EPSS-1.39% / 79.58%
||
7 Day CHG~0.00%
Published-08 Dec, 2021 | 09:55
Updated-03 Aug, 2024 | 17:30
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A Heap-based buffer overflow vulnerability in SonicWall SMA100 getBookmarks method allows a remote authenticated attacker to potentially execute code as the nobody user in the appliance. This vulnerability affected SMA 200, 210, 400, 410 and 500v appliances.

Action-Not Available
Vendor-SonicWall Inc.
Product-sma_410_firmwaresma_210sma_410sma_400_firmwaresma_210_firmwaresma_500v_firmwaresma_500vsma_200_firmwaresma_200sma_400SonicWall SMA100
CWE ID-CWE-122
Heap-based Buffer Overflow
CWE ID-CWE-787
Out-of-bounds Write
CVE-2020-7870
Matching Score-4
Assigner-KrCERT/CC
ShareView Details
Matching Score-4
Assigner-KrCERT/CC
CVSS Score-6.4||MEDIUM
EPSS-0.27% / 50.39%
||
7 Day CHG~0.00%
Published-29 Jun, 2021 | 13:15
Updated-04 Aug, 2024 | 09:41
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A memory corruption vulnerability exists when ezPDF improperly handles the parameter. This vulnerability exists due to insufficient validation of the parameter.

Action-Not Available
Vendor-unidocsUNIDOCS
Product-ezpdf_readerezpdf_editorezPDF EditorezPDF Reader
CWE ID-CWE-20
Improper Input Validation
CWE ID-CWE-787
Out-of-bounds Write
CVE-2020-8442
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-8.8||HIGH
EPSS-0.79% / 72.98%
||
7 Day CHG~0.00%
Published-30 Jan, 2020 | 00:34
Updated-04 Aug, 2024 | 09:56
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In OSSEC-HIDS 2.7 through 3.5.0, the server component responsible for log analysis (ossec-analysisd) is vulnerable to a heap-based buffer overflow in the rootcheck decoder component via an authenticated client.

Action-Not Available
Vendor-ossecn/a
Product-ossecn/a
CWE ID-CWE-787
Out-of-bounds Write
CVE-2020-7563
Matching Score-4
Assigner-Schneider Electric
ShareView Details
Matching Score-4
Assigner-Schneider Electric
CVSS Score-8.8||HIGH
EPSS-1.04% / 76.56%
||
7 Day CHG~0.00%
Published-18 Nov, 2020 | 13:50
Updated-04 Aug, 2024 | 09:33
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A CWE-787: Out-of-bounds Write vulnerability exists in the Web Server on Modicon M340, Modicon Quantum and Modicon Premium Legacy offers and their Communication Modules (see notification for details) which could cause corruption of data, a crash, or code execution when uploading a specially crafted file on the controller over FTP.

Action-Not Available
Vendor-n/a
Product-modicon_quantum_140cpu65150c_firmwaremodicon_m340_bmx_p34-2010_firmwaremodicon_m340_bmx_noe_0100h_firmwaremodicon_tsxp575634modicon_quantum_140noe77101_firmwaremodicon_m340_bmx_noc_0401modicon_quantum_140cpu65160c_firmwaremodicon_tsxp576634_firmwaremodicon_tsxety5103modicon_tsxp576634modicon_quantum_140cpu65160modicon_quantum_140noe77111_firmwaremodicon_tsxp575634_firmwaremodicon_m340_bmx_noe_0110hmodicon_quantum_140cpu65160_firmwaremodicon_m340_bmx_noe_0100_firmwaremodicon_m340_bmx_noe_0110_firmwaremodicon_m340_bmx_noe_0110h_firmwaremodicon_quantum_140cpu65160cmodicon_m340_bmx_nor_0200hmodicon_quantum_140cpu65150_firmwaremodicon_m340_bmx_p34-2030modicon_quantum_140cpu65150cmodicon_quantum_140cpu65150modicon_tsxety5103_firmwaremodicon_quantum_140noe77101modicon_m340_bmx_noc_0401_firmwaremodicon_m340_bmx_noe_0100hmodicon_tsxety4103modicon_m340_bmx_noe_0110modicon_quantum_140noc78100modicon_m340_bmx_noe_0100modicon_tsxp574634_firmwaremodicon_quantum_140noc78100_firmwaremodicon_m340_bmx_nor_0200h_firmwaremodicon_quantum_140noe77111modicon_m340_bmx_p34-2010modicon_m340_bmx_p34-2030_firmwaremodicon_tsxety4103_firmwaremodicon_tsxp574634Web Server on Modicon M340, Modicon Quantum and Modicon Premium Legacy offers and their Communication Modules (see notification for details)
CWE ID-CWE-787
Out-of-bounds Write
  • Previous
  • 1
  • 2
  • 3
  • 4
  • 5
  • Next
Details not found