Lucene search
K

31 matches found

CVE
CVE
added 2022/05/31 7:51 p.m.67 views

CVE-2022-24700

WinAPRS 2.9.0 is affected by a buffer overflow in the DIGI address processing of VHF KISS AX.25 packets, which could allow a remote attacker to cause a denial of service (daemon crash). The issue is caused by improper handling in the DIGI address processing path. Remediation: there is no publicly...

7.5CVSS7.6AI score0.01656EPSS
Exploits1References2Affected Software1
Cvelist
Cvelist
added 2022/05/31 7:51 p.m.23 views

CVE-2022-24700

An issue was discovered in WinAPRS 2.9.0. A buffer overflow in DIGI address processing for VHF KISS packets allows a remote attacker to cause a denial of service daemon crash via a malicious AX.25 packet over the air. NOTE: This vulnerability only affects products that are no longer supported by...

7.8AI score0.01656EPSS
Exploits1References2
Vulnrichment
Vulnrichment
added 2022/05/31 7:51 p.m.13 views

CVE-2022-24702

An issue was discovered in WinAPRS 2.9.0. A buffer overflow in the VHF KISS TNC component allows a remote attacker to achieve remote code execution via malicious AX.25 packets over the air. NOTE: This vulnerability only affects products that are no longer supported by the maintainer...

8.2AI score0.05555EPSS
Exploits1References4
CVE
CVE
added 2022/05/31 7:51 p.m.64 views

CVE-2022-24702

CVE-2022-24702 affects WinAPRS 2.9.0. A buffer overflow in the VHF KISS TNC component can allow remote code execution via malicious AX.25 packets over the air. All sources note the vulnerability impacts products no longer supported by the maintainer. Connected documents do not provide a patched v...

9.8CVSS9.8AI score0.05555EPSS
Exploits1References4Affected Software1
Positive Technologies
Positive Technologies
added 2022/05/31 12:0 a.m.4 views

PT-2022-16813 · Winaprs · Winaprs

Name of the Vulnerable Software and Affected Versions: WinAPRS version 2.9.0 Description: An issue was discovered in the processing of national.txt, which allows a local attacker to cause a denial of service or possibly achieve code execution through a buffer overflow. This issue only affects...

7.8CVSS8.1AI score0.00455EPSS
Exploits1References5
Positive Technologies
Positive Technologies
added 2022/05/31 12:0 a.m.11 views

PT-2022-16814 · Winaprs · Winaprs

Name of the Vulnerable Software and Affected Versions: WinAPRS version 2.9.0 Description: An issue was discovered in the VHF KISS TNC component, allowing a remote attacker to achieve remote code execution via malicious AX.25 packets over the air. This issue only affects products that are no longe...

9.8CVSS8AI score0.05555EPSS
Exploits1References8
Positive Technologies
Positive Technologies
added 2022/05/31 12:0 a.m.3 views

PT-2022-16812 · Winaprs · Winaprs

Name of the Vulnerable Software and Affected Versions: WinAPRS version 2.9.0 Description: An issue was discovered in the DIGI address processing for VHF KISS packets, allowing a remote attacker to cause a denial of service daemon crash via a malicious AX.25 packet over the air. This issue only...

7.5CVSS7.2AI score0.01656EPSS
Exploits1References6
The Coalfire Blog
The Coalfire Blog
added 2022/05/03 6:47 p.m.23 views

Hacking Ham Radio: WinAPRS – Part 4

In part three of this series, we discovered and traced a memory corruption bug in WinAPRS using IDA Pro and WinDbg. We discovered that it could be used to gain control over the CPUs EIP register to obtain remote code execution. We found that there were limitations on the address that could be...

0.6AI score
Exploits0
The Coalfire Blog
The Coalfire Blog
added 2022/04/28 12:26 a.m.10 views

Hacking Ham Radio: WinAPRS – Part 3

In part two of this series, we reviewed our WinAPRS software and hardware configuration. We then began reverse engineering WinAPRS and fuzzing it for vulnerabilities using modified open-source software. Finally, we identified a potentially exploitable vulnerability. This installment will dig into...

1.9AI score
Exploits0
The Coalfire Blog
The Coalfire Blog
added 2022/04/21 5:57 p.m.16 views

Hacking Ham Radio: WinAPRS – Part 2

In part one of this series on vulnerability research in ham radio software, we discussed ham radio and digital communications via packet radio. We reviewed some relevant packet radio protocols such as AX.25, APRS, and KISS. We then chose WinAPRS as our target application. In this installment we...

1.4AI score
Exploits0
The Coalfire Blog
The Coalfire Blog
added 2022/03/29 8:0 p.m.9 views

Hacking Ham Radio: WinAPRS – Part 1

Hackers have been breaching computer system defenses for more than half a century, and the networks they use to exploit those weaknesses have been around for far longer than that. With the internet replacing most wirelines and wavelengths, and with the rise of cybercrime sophistication from petty...

0.9AI score
Exploits0
Rows per page
Query Builder