3 matches found
CVE-2018-3873
An exploitable buffer overflow vulnerability exists in the credentials handler of video-core's HTTP server of Samsung SmartThings Hub STH-ETH-250-Firmware version 0.20.17. The strncpy overflows the destination buffer, which has a size of 128 bytes. An attacker can send an arbitrarily long...
CVE-2018-3873
Samsung SmartThings Hub (STH-ETH-250) firmware 0.20.17 uses the video-core HTTP server where the credentials handler copies user-controlled JSON values with strncpy into a stack buffer (128 bytes). The bug allows an arbitrarily long value in keys such as "secretKey" (and related fields) to overfl...
Samsung SmartThings Hub video-core credentials Code Execution Vulnerability(CVE-2018-3873 - CVE-2018-3878)
Summary Multiple exploitable buffer overflow vulnerabilities exist in the credentials handler of video-core's HTTP server of Samsung SmartThings Hub. The video-core process incorrectly extracts fields from a user-controlled JSON payload, leading to a buffer overflow on the stack. An attacker can...