Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
A stack-based buffer overflow in the LAN UPnP service running on UDP port 1900 of Swisscom Internet-Box (2, Standard, and Plus) prior to v09.04.00 and Internet-Box light prior to v08.05.02 allows remote code execution. No authentication is required to exploit this vulnerability. Sending a simple UDP packet to port 1900 allows an attacker to execute code on a remote device. However, this is only possible if the attacker is inside the LAN. Because of ASLR, the success rate is not 100% and leads instead to a DoS of the UPnP service. The remaining functionality of the Internet Box is not affected. A reboot of the Internet Box is necessary to attempt the exploit again.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Swisscom Internet-Box 缓冲区错误漏洞
Vulnerability Description
Swisscom Internet-Box是瑞士Swisscom公司的一款路由器。 Swisscom Internet-Box中在UDP端口1900上运行的LAN UPnP服务存在基于栈的缓冲区溢出漏洞。远程攻击者可利用该漏洞执行代码。以下版本受到影响:Swisscom Internet-Box 2版本,Internet Box Standard版本,Internet Box Plus 09.04.00之前版本,Internet Box light 08.05.02之前版本。
CVSS Information
N/A
Vulnerability Type
N/A