5 matches found
Vulnerability Spotlight: Authentication bypass, use-after-free vulnerabilities found in a library for the µC/OS open-source operating system
Kelly Leuschner of Cisco Talos discovered these vulnerabilities. Cisco Talos recently discovered two vulnerabilities in a library for µC/OS, an open-source operating system developed by Micrium. µC/OS is an embedded operating system that supports TCP/IP, USB, CAN bus and Modbus. The two...
CVE-2022-46377
An out-of-bounds read vulnerability exists in the PORT command parameter extraction functionality of Weston Embedded uC-FTPs v 1.98.00. A specially-crafted set of network packets can lead to denial of service. An attacker can send packets to trigger this vulnerability.This vulnerability occurs wh...
CVE-2022-46377
Weston Embedded uC-FTPs 1.98.00 has an out-of-bounds read in the PORT command argument extraction. When no IP address argument is provided to PORT, the server may misparse the buffer, potentially leading to denial of service. Concrete details in Talos/TALOS-2022-1681 describe the vulnerable code ...
CVE-2022-46377
An out-of-bounds read vulnerability exists in the PORT command parameter extraction functionality of Weston Embedded uC-FTPs v 1.98.00. A specially-crafted set of network packets can lead to denial of service. An attacker can send packets to trigger this vulnerability.This vulnerability occurs wh...
Weston Embedded uC-FTPs PORT command parameter extraction out-of-bounds read vulnerability
Talos Vulnerability Report TALOS-2022-1681 Weston Embedded uC-FTPs PORT command parameter extraction out-of-bounds read vulnerability May 10, 2023 CVE Number CVE-2022-46377,CVE-2022-46378 SUMMARY An out-of-bounds read vulnerability exists in the PORT command parameter extraction functionality of...