CVE-2021-21967
CVE-2021-21967 affects Sealevel Systems SeaConnect 370W v1.3.34. The OTA update task parses a JSON payload over MQTT and copies the dest field from OTAUpdateStruct into a 0x40-byte buffer using strcpy, leading to a stack-based buffer overflow when dest exceeds the buffer and removing the null ter...