Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
An exploitable stack-based buffer overflow vulnerability exists in the retrieval of a database field in video-core's HTTP server of Samsung SmartThings Hub. The video-core process insecurely extracts the shard.videoHostURL field from its SQLite database, leading to a buffer overflow on the stack. An attacker can send an HTTP request to trigger this vulnerability.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Samsung SmartThings Hub video-core HTTP服务器缓冲区错误漏洞
Vulnerability Description
Samsung SmartThings Hub是韩国三星(Samsung)公司的一款智能家居管理设备。video-core HTTP server是其中的一个HTTP服务器。 Samsung SmartThings Hub中的video-core HTTP服务器的数据库字段的检索存在基于栈的缓冲区溢出漏洞,该漏洞源于video-core进程没有安全的从SQLite数据库中提取shard.videoHostURL字段。攻击者可通过发送HTTP请求利用该漏洞执行任意代码。
CVSS Information
N/A
Vulnerability Type
N/A