2 matches found
CVE-2018-3874
An exploitable buffer overflow vulnerability exists in the credentials handler of video-core's HTTP server of Samsung SmartThings Hub STH-ETH-250-Firmware version 0.20.17. The strncpy overflows the destination buffer, which has a size of 32 bytes. An attacker can send an arbitrarily long...
CVE-2018-3874
CVE-2018-3874 (Samsung SmartThings Hub STH-ETH-250) : The video-core HTTP server credentials handler accepts a JSON payload and copies parameters using strncpy into a 32-byte stack buffer. The length is taken from the source string itself, which is user-controlled, enabling a stack-based buffer o...