Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
Stack-Based Buffer Overflow in Newtec's update signaling causes RCE
Vulnerability Description
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') vulnerability in Newtec NTC2218, NTC2250, NTC2299 on Linux, PowerPC, ARM (Updating signaling process in the swdownload binary modules) allows Local Execution of Code, Remote Code Inclusion. This issue affects NTC2218, NTC2250, NTC2299: from 1.0.1.1 through 2.2.6.19. The issue is both present on the PowerPC versions of the modem and the ARM versions. A stack buffer buffer overflow in the swdownload binary allows attackers to execute arbitrary code. The parse_INFO function uses an unrestricted `sscanf` to read a string of an incoming network packet into a statically sized buffer.
CVSS Information
N/A
Vulnerability Type
未进行输入大小检查的缓冲区拷贝(传统缓冲区溢出)
Vulnerability Title
Newtec/iDirect NTC2218、Newtec/iDirect NTC2250和Newtec/iDirect NTC2299 安全漏洞
Vulnerability Description
Newtec/iDirect NTC2218等都是Newtec/iDirect公司的一款调制解调器。 Newtec/iDirect NTC2218、Newtec/iDirect NTC2250和Newtec/iDirect NTC2299存在安全漏洞,该漏洞源于缓冲区复制未检查输入大小,导致远程代码包含。
CVSS Information
N/A
Vulnerability Type
N/A