Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
gmg137 snap7-rs client.rs download heap-based overflow
Vulnerability Description
A vulnerability was identified in gmg137 snap7-rs up to 153d3e8c16decd7271e2a5b2e3da4d6f68589424. Affected by this issue is the function snap7_rs::client::S7Client::download of the file client.rs. Such manipulation leads to heap-based buffer overflow. The attack can be executed remotely. The exploit is publicly available and might be used. This product implements a rolling release for ongoing delivery, which means version information for affected or updated releases is unavailable. The project was informed of the problem early through an issue report but has not responded yet.
CVSS Information
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L
Vulnerability Type
堆缓冲区溢出
Vulnerability Title
snap7-rs 安全漏洞
Vulnerability Description
snap7-rs是gmg137个人开发者的一个C++的库。 snap7-rs存在安全漏洞,该漏洞源于对文件client.rs中函数snap7_rs::client::S7Client::download的错误操作,可能导致堆缓冲区溢出。
CVSS Information
N/A
Vulnerability Type
N/A