Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
A heap-based buffer overflow in cosa_dhcpv4_dml.c in the RDK RDKB-20181217-1 CcspPandM module may allow attackers with login credentials to achieve remote code execution by crafting a long buffer in the "Comment" field of an IP reservation form in the admin panel. This is related to the CcspCommonLibrary module.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
RDK CcspPandM模块缓冲区错误漏洞
Vulnerability Description
RDK是RDK Management社区的一套模块化、可移植、可定制的开源物联网软件解决方案。CcspPandM是其中的一个用于实现设备的核心配置和管理功能的模块。 RDK RDKB-20181217-1版本中的CcspPandM模块的cosa_dhcpv4_dml.c文件存在缓冲区错误漏洞。该漏洞源于网络系统或产品在内存上执行操作时,未正确验证数据边界,导致向关联的其他内存位置上执行了错误的读写操作。攻击者可利用该漏洞导致缓冲区溢出或堆溢出等。
CVSS Information
N/A
Vulnerability Type
N/A