Lucene search

KrcertCVELIST:CVE-2021-26621

HistoryMar 25, 2022 - 6:02 p.m.

CVE-2021-26621 Netis Korea MEX01 Buffer overflow vulnerability

2022-03-2518:02:38

CWE-120

krcert

www.cve.org

netis korea buffer overflow remote code executionstrcpy() function

CVSS3

8.1

Attack Vector

NETWORK

Attack Complexity

HIGH

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

AI Score

Confidence

High

EPSS

0.007

Percentile

79.9%

JSON

An Buffer Overflow vulnerability leading to remote code execution was discovered in MEX01. Remote attackers can use this vulnerability by using the property that the target program copies parameter values to memory through the strcpy() function.

CNA Affected

[
  {
    "platforms": [
      "Windows, Mac OS and etc."
    ],
    "product": "MEX01",
    "vendor": "NetU Corp.",
    "versions": [
      {
        "lessThanOrEqual": "v1.9.18",
        "status": "affected",
        "version": "unspecified",
        "versionType": "custom"
      }
    ]
  }
]

References

www.krcert.or.kr/krcert/secNoticeView.do?bulletin_writing_sequence=66579

CVSS3

8.1

Attack Vector

NETWORK

Attack Complexity

HIGH

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

AI Score

Confidence

High

EPSS

0.007

Percentile

79.9%

JSON

Related for CVELIST:CVE-2021-26621