4 matches found
CVE-2023-23302
creationtimestamp| type| source ---|---|--- 2023-05-24 00:40:26+00:00| seen| https://t.me/cibsecurity/64653 2025-01-21 15:00:44+00:00| published-proof-of-concept| https://t.me/DarkWebInformerCVEAlerts/2410...
CVE-2023-23302
The Toybox.GenericChannel.setDeviceConfig API method in CIQ API version 1.2.0 through 4.1.7 does not validate its parameter, which can result in buffer overflows when copying various attributes. A malicious application could call the API method with specially crafted object and hijack the executi...
CVE-2023-23302
Summary of CVE-2023-23302 (Ciq API): The vulnerability affects CIQ API versions 1.2.0 through 4.1.7, specifically the Toybox.GenericChannel.setDeviceConfig method. The issue is that the API does not validate its parameter, which can cause buffer overflows when copying various attributes. This can...
CVE-2023-23302
The Toybox.GenericChannel.setDeviceConfig API method in CIQ API version 1.2.0 through 4.1.7 does not validate its parameter, which can result in buffer overflows when copying various attributes. A malicious application could call the API method with specially crafted object and hijack the executi...