CVE-2021-34982

The CVE-2021-34982 entry describes a pre-auth, remote code execution vulnerability in the httpd service of NETGEAR routers. The flaw is a stack-based buffer overflow caused by unchecked length of user-supplied data in the strings file, leading to code execution with root privileges when a network...

Eaton HMiSoft VU3 File Parsing wTextLen Stack-based Buffer Overflow Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Eaton HMiSoft. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of the...

Advantech WebAccess Client upandpr scanf Stack-based Buffer Overflow Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Advantech WebAccess Client. Authentication is not required to exploit this vulnerability. The specific flaw exists within a scanf call in upandpr.exe, which is accessed through the 0x2711 IOCTL in...

Fuji Electric Monitouch V-SFT Project File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Fuji Electric Monitouch V-SFT. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within...