3 matches found
CVE-2022-27631
A memory corruption vulnerability exists in the httpd unescape functionality of DD-WRT Revision 32270 - Revision 48599. A specially-crafted HTTP request can lead to memory corruption. An attacker can send a network request to trigger this vulnerability...
CVE-2022-27631
A memory corruption vulnerability exists in the httpd unescape functionality of DD-WRT Revision 32270 - Revision 48599. A specially-crafted HTTP request can lead to memory corruption. An attacker can send a network request to trigger this vulnerability...
CVE-2022-27631
The CVE-2022-27631 entry describes a memory corruption vulnerability in DD-WRT’s httpd unescape function affecting revisions 32270–48599. The issue stems from assuming two characters follow a '%' and performing an unsafe strcpy without validating the second character, which can read beyond the st...