4 matches found
CVE-2021-35393
Realtek Jungle SDK version v2.x up to v3.4.14B provides a 'WiFi Simple Config' server that implements both UPnP and SSDP protocols. The binary is usually named wscd or miniupnpd and is the successor to miniigd. The server is vulnerable to a stack buffer overflow vulnerability that is present due ...
Realtek Jungle SDK Buffer Overflow (CVE-2021-35392; CVE-2021-35393; CVE-2021-35395)
A buffer overflow vulnerability exists in Realtek Jungle SDK. Successful exploitation of this vulnerability could result in a denial of service or execution of arbitrary code into the affected system...
Multiple Flaws Affecting Realtek Wi-Fi SDKs Impact Nearly a Million IoT Devices
Taiwanese chip designer Realtek is warning of four security vulnerabilities in three software development kits SDKs accompanying its WiFi modules, which are used in almost 200 IoT devices made by at least 65 vendors. The flaws, which affect Realtek SDK v2.x, Realtek "Jungle" SDK...
CVE-2021-35393
Concrete details exist for Realtek Jungle SDK vulnerabilities (CVE-2021-35392, -35393, -35394, -35395). Realtek Jungle SDK v2.x–v3.4.14B runs a WiFi Simple Config/UPnP/SSDP server (named wscd or mini_upnpd) and separate management interfaces. Root causes include unsafe handling of submitted param...