4 matches found
CVE-2018-3878
Multiple exploitable buffer overflow vulnerabilities exist in the credentials handler of video-core's HTTP server of Samsung SmartThings Hub STH-ETH-250 devices with firmware version 0.20.17. The video-core process incorrectly extracts fields from a user-controlled JSON payload, leading to a buff...
CVE-2018-3878
Multiple exploitable buffer overflow vulnerabilities exist in the credentials handler of video-core's HTTP server of Samsung SmartThings Hub STH-ETH-250 devices with firmware version 0.20.17. The video-core process incorrectly extracts fields from a user-controlled JSON payload, leading to a buff...
CVE-2018-3878
Samsung SmartThings Hub STH-ETH-250 with firmware 0.20.17 contains multiple buffer overflow vulnerabilities in the video-core HTTP server credentials handler. Specifically, CVE-2018-3873 through CVE-2018-3878 arise from user-controlled JSON, where a strncpy copies a string without length checks, ...
Samsung SmartThings Hub video-core credentials Code Execution Vulnerability(CVE-2018-3873 - CVE-2018-3878)
Summary Multiple exploitable buffer overflow vulnerabilities exist in the credentials handler of video-core's HTTP server of Samsung SmartThings Hub. The video-core process incorrectly extracts fields from a user-controlled JSON payload, leading to a buffer overflow on the stack. An attacker can...