8 matches found
CVE-2026-38427
An issue in fetchjpg in xdrv10scripter.ino in Tasmota through 15.3.0.3 allows a remote attacker to cause heap buffer overflow. The Content-Length from a JPEG stream is stored in a uint16t variable; values above 65535 wrap around, causing allocation of a smaller buffer than the data actually read...
CVE-2026-38422
Buffer Overflow vulnerability in arendst Tasmota v.15.3.0.3 and before allows a remote attacker to execute arbitrary code via the tasmota/tasmotaxdrvdriver/xdrv10scripter.ino, fetchjpg function...
Tasmota 安全漏洞
Tasmota is an IoT device firmware and automation control platform developed by Theo Arends. Versions of Tasmota prior to 15.3.0.3 contained security vulnerabilities. These vulnerabilities stemmed from the fetchjpg function in xdrv10scripter.ino, which stored the Content-Length of JPEG streams in ...
CVE-2026-38426
Buffer Overflow vulnerability in arendst Tasmota v.15.3.0.3 and before allows a remote attacker to execute arbitrary code via the xdrv10scripter.ino, fetchjpg, jpgtask.boundary40, strcpy function...
CVE-2026-38427
An issue in fetchjpg in xdrv10scripter.ino in Tasmota through 15.3.0.3 allows a remote attacker to cause heap buffer overflow. The Content-Length from a JPEG stream is stored in a uint16t variable; values above 65535 wrap around, causing allocation of a smaller buffer than the data actually read...
Tasmota 安全漏洞
Tasmota is an IoT device firmware and automation control platform developed by Theo Arends. Versions of Tasmota prior to 15.3.0.3 contained security vulnerabilities. These vulnerabilities were caused by a buffer overflow in the fetchjpg function found in the...
CVE-2026-38422
Buffer Overflow vulnerability in arendst Tasmota v.15.3.0.3 and before allows a remote attacker to execute arbitrary code via the tasmota/tasmotaxdrvdriver/xdrv10scripter.ino, fetchjpg function...
Exploit for CVE-2026-38426
CVE-2026-38426: strcpy Stack Buffer Overflow in Tasmota fetc...