Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
A vulnerability in the HTTP remote procedure call (RPC) service of set-top box (STB) receivers manufactured by Cisco for Yes could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. The vulnerability exists because the firmware of an affected device fails to handle certain XML values that are passed to the HTTP RPC service listening on the local subnet of the device. An attacker could exploit this vulnerability by submitting a malformed request to an affected device. A successful attack could cause the affected device to restart, resulting in a DoS condition. Yes has updated the affected devices with firmware that addresses this vulnerability. Customers are not required to take action. Vulnerable Products: This vulnerability affects YesMaxTotal, YesMax HD, and YesQuattro STB devices. Cisco Bug IDs: CSCvd08812.
CVSS Information
N/A
Vulnerability Type
资源管理错误
Vulnerability Title
Cisco YesMaxTotal、YesMax HD和YesQuattro STB 安全漏洞
Vulnerability Description
Cisco YesMaxTotal、YesMax HD和YesQuattro STB都是美国思科(Cisco)公司的视频信号转换器设备。HTTP remote procedure call (RPC) service是其中的一个远程过程调用服务。 Cisco YesMaxTotal、YesMax HD和YesQuattro STB设备的HTTP RPC service存在拒绝服务,该漏洞源于受影响设备的固件没有处理特定的XML值。远程攻击者可通过提交畸形的请求利用该漏洞造成拒绝服务(设备重启)。
CVSS Information
N/A
Vulnerability Type
N/A