2 matches found
CVE-2018-3914
An exploitable stack-based buffer overflow vulnerability exists in the retrieval of database fields in the video-core HTTP server of the Samsung SmartThings Hub STH-ETH-250 - Firmware version 0.20.17. The strcpy call overflows the destination buffer, which has a size of 2000 bytes. An attacker ca...
CVE-2018-3914
Samsung SmartThings Hub STH-ETH-250 firmware version 0.20.17 exposes a stack-based buffer overflow in the video-core HTTP server during retrieval of shard table fields. The vulnerability occurs in a series of unbounded strcpy copies when loading fields such as secretKey, accessKey, sessionToken, ...