Frigate Professional 3.36.0.9 - 'Pack File' Buffer Overflow (SEH Egghunter)

Frigate Professional 3.36.0.9 contains a local buffer overflow vulnerability in the Pack File feature that allows attackers to execute arbitrary code by overflowing the 'Archive To' input field. Attackers can craft a malicious payload that overwrites the Structured Exception Handler (SEH) and uses an egghunter technique to execute a reverse shell payload.

CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

栈缓冲区溢出

Frigate Professional 安全漏洞

Frigate Professional是Frigate公司的一个摄像头管理软件。 Frigate Professional 3.36.0.9版本存在安全漏洞，该漏洞源于Pack File功能中的Archive To输入字段存在本地缓冲区溢出，可能执行任意代码。

N/A

N/A