Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
An exploitable stack-based buffer overflow vulnerability exists in the retrieval of database fields in the video-core HTTP server of the Samsung SmartThings Hub STH-ETH-250 - Firmware version 0.20.17. The strcpy call overflows the destination buffer, which has a size of 32 bytes. An attacker can send an arbitrarily long "accessKey" value in order to exploit this vulnerability.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Samsung SmartThings Hub STH-ETH-250 video-core HTTP服务器缓冲区错误漏洞
Vulnerability Description
Samsung SmartThings Hub STH-ETH-250是韩国三星(Samsung)公司的一款智能家居管理设备。video-core HTTP server是其中的一个HTTP服务器。 使用0.20.17版本固件的Samsung SmartThings Hub STH-ETH-250的video-core HTTP服务器中对数据库字段的检索存在基于栈的缓冲区溢出漏洞。攻击者可通过发送任意长度的‘accessKey’值利用该漏洞执行代码。
CVSS Information
N/A
Vulnerability Type
N/A