2 matches found
CVE-2017-9391
An issue was discovered on Vera VeraEdge 1.7.19 and Veralite 1.7.481 devices. The device provides UPnP services that are available on port 3480 and can also be accessed via port 80 using the url "/port3480". It seems that the UPnP services provide "requestimage" as one of the service actions for ...
CVE-2017-9391
CVE-2017-9391 affects Vera VeraEdge 1.7.19 and Veralite 1.7.481. A UPnP action (request_image) exposed on ports 3480/80 allows unsanitized URL parameters to be stored on the stack, enabling a buffer overflow when more than 1336 characters are supplied. The overflow targets stack values including ...