Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
Insufficient length checks in the ShapeShift KeepKey hardware wallet firmware before 7.1.0 allow a stack buffer overflow via crafted messages. The overflow in ethereum_extractThorchainSwapData() in ethereum.c can circumvent stack protections and lead to code execution. The vulnerable interface is reachable remotely over WebUSB.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
ShapeShift KeepKey 缓冲区错误漏洞
Vulnerability Description
ShapeShift KeepKey是一款用于加密货币存储的电子钱包设备。 ShapeShift KeepKey hardware wallet firmware 7.1.0之前版本存在安全漏洞,该漏洞允许攻击者通过精心制作的消息导致堆栈缓冲区溢出,从而导致代码执行。
CVSS Information
N/A
Vulnerability Type
N/A