Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
An exploitable remote code execution vulnerability exists in the Trane ComfortLink II firmware version 2.0.2 in DSS service. An attacker who can connect to the DSS service on the Trane ComfortLink II device can send an overly long REG request that can overflow a fixed size stack buffer, resulting in arbitrary code execution.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Trane ComfortLink II 缓冲区错误漏洞
Vulnerability Description
Trane ComfortLink II是英国Trane公司的一套用于家庭智能系统中的连接控制组件。 使用2.0.2版本固件的Trane ComfortLink II中的DSS服务存在远程代码执行漏洞。攻击者可利用该漏洞执行任意代码。
CVSS Information
N/A
Vulnerability Type
N/A