2 matches found
CVE-2021-21971
An out-of-bounds write vulnerability exists in the URLdecode functionality of Sealevel Systems, Inc. SeaConnect 370W v1.3.34. A specially-crafted MQTT payload can lead to an out-of-bounds write. An attacker can perform a man-in-the-middle attack to trigger this vulnerability...
CVE-2021-21971
SeaLevel Systems SeaConnect 370W v1.3.34 is affected by CVE-2021-21971 through an out-of-bounds write in the URL_decode function used during OTA firmware updates over MQTT. The TALOS report details that the URL_decode implementation assumes there are always enough characters after a percent-encod...