2 matches found
CVE-2018-3915
An exploitable stack-based buffer overflow vulnerability exists in the retrieval of database fields in the video-core HTTP server of the Samsung SmartThings Hub STH-ETH-250 - Firmware version 0.20.17. The strcpy call overflows the destination buffer, which has a size of 64 bytes. An attacker can...
CVE-2018-3915
The CVE-2018-3915 family affects Samsung SmartThings Hub STH-ETH-250 running firmware 0.20.17, where the video-core HTTP server uses string copy operations to retrieve shard table fields (secretKey, accessKey, sessionToken, bucket, directory, region). Each field is fetched via SELECT and copied w...