Lucene search
K

4 matches found

NVD
NVD
added 2018/08/23 3:29 p.m.20 views

CVE-2018-3878

Multiple exploitable buffer overflow vulnerabilities exist in the credentials handler of video-core's HTTP server of Samsung SmartThings Hub STH-ETH-250 devices with firmware version 0.20.17. The video-core process incorrectly extracts fields from a user-controlled JSON payload, leading to a buff...

9.9CVSS9.9AI score0.01534EPSS
Exploits2References1
Cvelist
Cvelist
added 2018/08/23 3:0 p.m.20 views

CVE-2018-3878

Multiple exploitable buffer overflow vulnerabilities exist in the credentials handler of video-core's HTTP server of Samsung SmartThings Hub STH-ETH-250 devices with firmware version 0.20.17. The video-core process incorrectly extracts fields from a user-controlled JSON payload, leading to a buff...

9.9CVSS9.9AI score0.01534EPSS
Exploits2References1
CVE
CVE
added 2018/08/23 3:0 p.m.55 views

CVE-2018-3878

Samsung SmartThings Hub STH-ETH-250 with firmware 0.20.17 contains multiple buffer overflow vulnerabilities in the video-core HTTP server credentials handler. Specifically, CVE-2018-3873 through CVE-2018-3878 arise from user-controlled JSON, where a strncpy copies a string without length checks, ...

9.9CVSS9.8AI score0.01534EPSS
Exploits2References1Affected Software1
seebug.org
seebug.org
added 2018/07/30 12:0 a.m.564 views

Samsung SmartThings Hub video-core credentials Code Execution Vulnerability(CVE-2018-3873 - CVE-2018-3878)

Summary Multiple exploitable buffer overflow vulnerabilities exist in the credentials handler of video-core's HTTP server of Samsung SmartThings Hub. The video-core process incorrectly extracts fields from a user-controlled JSON payload, leading to a buffer overflow on the stack. An attacker can...

0.4AI score0.01871EPSS
Exploits7
Rows per page
Query Builder