6 matches found
CVE-2019-6963
A heap-based buffer overflow in cosadhcpv4dml.c in the RDK RDKB-20181217-1 CcspPandM module may allow attackers with login credentials to achieve remote code execution by crafting a long buffer in the "Comment" field of an IP reservation form in the admin panel. This is related to the...
CVE-2019-6963
A heap-based buffer overflow in cosadhcpv4dml.c in the RDK RDKB-20181217-1 CcspPandM module may allow attackers with login credentials to achieve remote code execution by crafting a long buffer in the "Comment" field of an IP reservation form in the admin panel. This is related to the...
CVE-2019-6964
A heap-based buffer over-read in ServiceSetParamStringValue in cosaxciscocomddnsdml.c of the RDK RDKB-20181217-1 CcspPandM module may allow attackers with login credentials to achieve information disclosure and code execution by crafting an AJAX call responsible for DDNS configuration with an...
CVE-2019-6964
A heap-based buffer over-read in ServiceSetParamStringValue in cosaxciscocomddnsdml.c of the RDK RDKB-20181217-1 CcspPandM module may allow attackers with login credentials to achieve information disclosure and code execution by crafting an AJAX call responsible for DDNS configuration with an...
Heap overflow
A heap-based buffer over-read in ServiceSetParamStringValue in cosaxciscocomddnsdml.c of the RDK RDKB-20181217-1 CcspPandM module may allow attackers with login credentials to achieve information disclosure and code execution by crafting an AJAX call responsible for DDNS configuration with an...
CVE-2019-6963
A heap-based buffer overflow exists in cosa_dhcpv4_dml.c of the RDK RDKB-20181217-1 CcspPandM module. The issue could allow remote code execution when an attacker with login credentials crafts an oversized input in the Comment field of an IP reservation form in the admin panel, due to improper me...