Lucene search

[email protected]NVD:CVE-2023-27217

HistoryMay 18, 2023 - 3:15 a.m.

CVE-2023-27217

2023-05-1803:15:11

CWE-787

[email protected]

web.nvd.nist.gov

cve-2023-27217

stack-based buffer overflow

changefriendlyname function

belkin smart outlet

denial of service

upnp request

CVSS3

9.8

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

AI Score

9.4

Confidence

High

EPSS

0.002

Percentile

53.3%

JSON

A stack-based buffer overflow in the ChangeFriendlyName() function of Belkin Smart Outlet V2 F7c063 firmware_2.00.11420.OWRT.PVT_SNSV2 allows attackers to cause a Denial of Service (DoS) via a crafted UPNP request.

Affected configurations

Nvd

Node

belkinf7c063Match-

AND

belkinf7c063_firmwareMatch2.00.11420.owrt.pvt_snsv2

VendorProductVersionCPE
belkinf7c063-cpe:2.3:h:belkin:f7c063:-:*:*:*:*:*:*:*
belkinf7c063_firmware2.00.11420.owrt.pvt_snsv2cpe:2.3:o:belkin:f7c063_firmware:2.00.11420.owrt.pvt_snsv2:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
belkin	f7c063	-	cpe:2.3:h:belkin:f7c063:-:::::::*
belkin	f7c063_firmware	2.00.11420.owrt.pvt_snsv2	cpe:2.3:o:belkin:f7c063_firmware:2.00.11420.owrt.pvt_snsv2:::::::*

References

sternumiot.com/iot-blog/mini-smart-plug-v2-vulnerability-buffer-overflow/

CVSS3

9.8

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

AI Score

9.4

Confidence

High

EPSS

0.002

Percentile

53.3%

JSON

Related for NVD:CVE-2023-27217

prion1 cve1 cvelist1 thn1