Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
Blipcare Wifi blood pressure monitor BP700 10.1 devices allow memory corruption that results in Denial of Service. When connected to the "Blip" open wireless connection provided by the device, if a large string is sent as a part of the HTTP request in any part of the HTTP headers, the device could become completely unresponsive. Presumably this happens as the memory footprint provided to this device is very small. According to the specs from Rezolt, the Wi-Fi module only has 256k of memory. As a result, an incorrect string copy operation using either memcpy, strcpy, or any of their other variants could result in filling up the memory space allocated to the function executing and this would result in memory corruption. To test the theory, one can modify the demo application provided by the Cypress WICED SDK and introduce an incorrect "memcpy" operation and use the compiled application on the evaluation board provided by Cypress semiconductors with exactly the same Wi-Fi SOC. The results were identical where the device would completely stop responding to any of the ping or web requests.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Blipcare Wifi blood pressure monitor BP700 资源管理错误漏洞
Vulnerability Description
Blipcare Wifi blood pressure monitor BP700是美国Blipcare团队的一款电子血压计。 Blipcare Wifi blood pressure monitor BP700 10.1版本中存在安全漏洞。攻击者可利用该漏洞导致拒绝服务。
CVSS Information
N/A
Vulnerability Type
N/A