Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
Realtek Jungle SDK version v2.x up to v3.4.14B provides a 'WiFi Simple Config' server that implements both UPnP and SSDP protocols. The binary is usually named wscd or mini_upnpd and is the successor to miniigd. The server is vulnerable to a stack buffer overflow vulnerability that is present due to unsafe parsing of the UPnP SUBSCRIBE/UNSUBSCRIBE Callback header. Successful exploitation of this vulnerability allows remote unauthenticated attackers to gain arbitrary code execution on the affected device.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Realtek Jungle SDK 缓冲区错误漏洞
Vulnerability Description
Realtek Jungle SDK是提供了一个 HTTP Web 服务器,公开了一个管理接口,可用于配置接入点。 Realtek Jungle SDK 版本 v2.x 到 v3.4.14B存在安全漏洞,该漏洞源于UPnP SUBSCRIBE/UNSUBSCRIBE 回调标头的不安全解析。该漏洞允许未经身份验证的远程攻击者在受影响的设备上执行任意代码。
CVSS Information
N/A
Vulnerability Type
N/A