N/A

Realtek Jungle SDK version v2.x up to v3.4.14B provides a diagnostic tool called 'MP Daemon' that is usually compiled as 'UDPServer' binary. The binary is affected by multiple memory corruption vulnerabilities and an arbitrary command injection vulnerability that can be exploited by remote unauthenticated attackers.

N/A

N/A

Realtek Jungle SDK 安全漏洞

Realtek Jungle SDK是中国瑞昱半导体（Realtek）公司的提供了一个 HTTP Web 服务器，公开了一个管理接口，可用于配置接入点。 Realtek Jungle SDK 2.x版本至3.4.14B版本存在安全漏洞，该漏洞源于软件提供了一个称为MP Daemon的诊断工具，其通常编译为UDPServer二进制文件。该二进制文件受到多个内存破坏漏洞和任意命令注入漏洞的影响，这些漏洞可被远程未经身份验证的攻击者利用。

N/A

N/A