32 matches found
CVE-2020-25845 CHANGING Inc. NHIServiSignAdapter Windows Versions - Information Leakage -1
Multiple functions of NHIServiSignAdapter failed to verify the users’ file path, which leads to the SMB request being redirected to a malicious host, resulting in the leakage of user's credential...
CVE-2020-25844 CHANGING Inc. NHIServiSignAdapter Windows Versions - Stack Overflow
The digest generation function of NHIServiSignAdapter has not been verified for parameter’s length, which leads to a stack overflow loophole. Remote attackers can use the leak to execute code without privilege...
CVE-2020-25843 CHANGING Inc. NHIServiSignAdapter Windows Versions - Heap Overflow
NHIServiSignAdapter fails to verify the length of digital credential files’ path which leads to a heap overflow loophole. Remote attackers can use the leak to execute code without privilege...
CVE-2020-25844
The CVE-2020-25844 entry affects the NHIServiSignAdapter: the digest generation function is not verified for parameter length, causing a stack overflow. This could allow remote code execution with no privileges. Exploitation details are not provided in the supplied documents; no specific vulnerab...
CVE-2020-25843
CVE-2020-25843 affects NHIServiSignAdapter. The issue is a failure to verify the length of digital credential files’ path, leading to a heap overflow. This could allow remote attackers to execute code without privileges. Some sources list a high/critical impact (network attack, low/unknown auth) ...
CVE-2020-25842 CHANGING Inc. NHIServiSignAdapter Windows Versions - Arbitrary File Access
The encryption function of NHIServiSignAdapter fail to verify the file path input by users. Remote attacker can access arbitrary files through the flaw without privilege...
CVE-2020-25842
The CVE-2020-25842 entry concerns NHIServiSignAdapter, where the encryption function fails to verify the file path input by users, enabling a remote attacker to access arbitrary files without privileges. Root cause: improper input/path validation. Impact: potential arbitrary file disclosure. The ...
NHIServiSignAdapter Access Control Error Vulnerability
Panorama NHIServiSignAdapter is a security control component for panoramic surveillance devices from China Panorama. A security vulnerability exists in NHIServiSignAdapter, which stems from an encryption feature that fails to validate user-entered file paths. A remote attacker can exploit this...
NHIServiSignAdapter Buffer Error Vulnerability
Panorama NHIServiSignAdapter is a security control component for panoramic surveillance devices from China Panorama. A security vulnerability exists in NHIServiSignAdapter that stems from a summary generation function that does not validate the length of a parameter, which results in a stack...
Panorama NHIServiSignAdapter Input Validation Error Vulnerability
Panorama NHIServiSignAdapter is a security control component for panoramic surveillance devices from China Panorama. A security vulnerability exists in NHIServiSignAdapter that stems from multiple functions failing to validate user file paths, resulting in SMB requests being redirected to a...
Panorama NHIServiSignAdapter Input Validation Error Vulnerability
Panorama NHIServiSignAdapter is a security control component for panoramic surveillance devices from China Panorama. A security vulnerability exists in NHIServiSignAdapter, which stems from a failure of the digest generation function to validate the path to the source file, resulting in SMB...
NHIServiSignAdapter Buffer Error Vulnerability
Panorama NHIServiSignAdapter is a security control component for panoramic surveillance devices from China Panorama. A security vulnerability exists in NHIServiSignAdapter that stems from a failure to validate the length of the path to a digital certificate file, which would result in a heap...