2 matches found
CVE-2021-21950
An out-of-bounds write vulnerability exists in the CMDDEVICEGETSERVERLISTREQUEST functionality of the homesecurity binary of Anker Eufy Homebase 2 2.1.6.9h in function recvserverdeviceresponsemsgprocess. A specially-crafted network packet can lead to code execution...
CVE-2021-21950
CVE-2021-21950 affects Anker Eufy Homebase 2 (binary home_security) with CMD_DEVICE_GET_SERVER_LIST_REQUEST. TALOS details/hardened code path: in recv_server_device_response_msg_process, an attacker-controlled nums value drives a loop that writes domain strings and then writes to a fixed buffer (...