3 matches found
CVE-2018-3880
An exploitable stack-based buffer overflow vulnerability exists in the database 'find-by-cameraId' functionality of video-core's HTTP server of Samsung SmartThings Hub STH-ETH-250 - Firmware version 0.20.17. The video-core process incorrectly handles existing records inside its SQLite database,...
CVE-2018-3880
CVE-2018-3880 affects Samsung SmartThings Hub STH-ETH-250 with Firmware 0.20.17. The vulnerability is a stack-based buffer overflow in the video-core HTTP server’s database function find-by-cameraId, triggered by crafting HTTP requests that interact with the SQLite data when deleting/handling cam...
Samsung SmartThings Hub video-core Database find-by-cameraId Code Execution Vulnerability(CVE-2018-3880)
Summary Multiple exploitable vulnerabilities exist in the REST parser of video-core's HTTP server of the Samsung SmartThings Hub. The video-core process incorrectly handles pipelined HTTP requests, which allows successive requests to overwrite the previously parsed HTTP method, URL and body. An...