CVE-2018-3905
CVE-2018-3905 applies to Samsung SmartThings Hub STH-ETH-250 (firmware 0.20.17). The video-core HTTP server’s camera-create path mishandles the JSON field state, copying it into a stack buffer without size checks, causing a stack-based buffer overflow that can enable code execution when a crafted...