CVE-2022-23918

A stack-based buffer overflow vulnerability exists in the confsrv setmfrule functionality of TCL LinkHub Mesh Wifi MS1G0001.0014. A specially-crafted network packet can lead to stack-based buffer overflow. An attacker can send a malicious packet to trigger this vulnerability.This vulnerability...

CVE-2022-23399

A stack-based buffer overflow vulnerability exists in the confsrv setportfwdrule functionality of TCL LinkHub Mesh Wifi MS1G0001.0014. A specially-crafted network packet can lead to stack-based buffer overflow. An attacker can send a malicious packet to trigger this vulnerability...

CVE-2022-23399

A stack-based buffer overflow vulnerability exists in the confsrv setportfwdrule functionality of TCL LinkHub Mesh Wifi MS1G0001.0014. A specially-crafted network packet can lead to stack-based buffer overflow. An attacker can send a malicious packet to trigger this vulnerability...

CVE-2022-23103

A stack-based buffer overflow vulnerability exists in the confsrv confctlsetapplanguage functionality of TCL LinkHub Mesh Wi-Fi MS1G0001.0014. A specially-crafted network packet can lead to stack-based buffer overflow. An attacker can send a malicious packet to trigger this vulnerability...

CVE-2022-23103

A stack-based buffer overflow vulnerability exists in the confsrv confctlsetapplanguage functionality of TCL LinkHub Mesh Wi-Fi MS1G0001.0014. A specially-crafted network packet can lead to stack-based buffer overflow. An attacker can send a malicious packet to trigger this vulnerability...

CVE-2022-21201

A stack-based buffer overflow vulnerability exists in the confers ucloudaddnodenew functionality of TCL LinkHub Mesh Wi-Fi MS1G0001.0014. A specially-crafted network packet can lead to stack-based buffer overflow. An attacker can send a malicious packet to trigger this vulnerability...

CVE-2022-21201

CVE-2022-21201 : Talos reports a stack-based buffer overflow in TCL LinkHub Mesh Wi‑Fi MS1G_00_01.00_14 within the ucloud_add_node_new handling of Protobuffer input. The vulnerability occurs when the serialNumberMd5 field from a parsed ManualNodeInfo is copied into a fixed 0x80-byte buffer using ...

CVE-2022-21201

A stack-based buffer overflow vulnerability exists in the confers ucloudaddnodenew functionality of TCL LinkHub Mesh Wi-Fi MS1G0001.0014. A specially-crafted network packet can lead to stack-based buffer overflow. An attacker can send a malicious packet to trigger this vulnerability...

CVE-2022-37398 A stack-based buffer overflow vulnerability was found on ADM

A stack-based buffer overflow vulnerability was found inside ADM when using WebDAV due to the lack of data size validation. An attacker can exploit this vulnerability to run arbitrary code. Affected ADM versions include: 3.5.9.RUE3 and below, 4.0.5.RVI1 and below as well as 4.1.0.RJD1 and below...

CVE-2022-37415

The Uniwill SparkIO.sys driver 1.0 is vulnerable to a stack-based buffer overflow via IOCTL 0x40002008...

SUSE SLES12 Security Update : u-boot (SUSE-SU-2022:2666-1)

The remote SUSE Linux SLES12 / SLESSAP12 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2022:2666-1 advisory. - In Das U-Boot through 2022.07-rc5, an integer signedness error and resultant stack-based buffer overflow in the i2c md command enables the...

SUSE SLES15 Security Update : u-boot (SUSE-SU-2022:2667-1)

The remote SUSE Linux SLES15 / SLESSAP15 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2022:2667-1 advisory. - In Das U-Boot through 2022.07-rc5, an integer signedness error and resultant stack-based buffer overflow in the i2c md command enables the...

SUSE SLES15 Security Update : u-boot (SUSE-SU-2022:2654-1)

The remote SUSE Linux SLES15 / SLESSAP15 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2022:2654-1 advisory. - In Das U-Boot through 2022.07-rc5, an integer signedness error and resultant stack-based buffer overflow in the i2c md command enables the...

CVE-2022-35222

CVE-2022-35222 affects the HiCOS Citizen verification component and is a stack-based buffer overflow caused by insufficient parameter length validation. An unauthenticated physical attacker could exploit this to execute arbitrary code, manipulate system commands, or disrupt service. CVSS v3.1 bas...

CVE-2022-35219

The CVE-2022-35219 entry describes a stack-based buffer overflow in the NHI card’s web service component caused by insufficient validation of the network packet key parameter. A local-area-network attacker with general user privileges can disrupt service. The issue affects the NHI card’s web serv...

D-Link DSL-3782 Buffer Overflow Vulnerability (CNVD-2022-56666)

The D-Link DSL-3782 is a wireless router from AUO D-Link of Taiwan, China. The D-Link DSL-3782 suffers from a buffer overflow vulnerability that stems from a stack-based buffer overflow in the getAttrValue method. No detailed vulnerability details are provided at this time...

CVE-2022-27255

In Realtek eCos RSDK 1.5.7p1 and MSDK 4.9.4p1, the SIP ALG function that rewrites SDP data has a stack-based buffer overflow. This allows an attacker to remotely execute code without authentication via a crafted SIP packet that contains malicious SDP data...

CVE-2022-27255

In Realtek eCos RSDK 1.5.7p1 and MSDK 4.9.4p1, the SIP ALG function that rewrites SDP data has a stack-based buffer overflow. This allows an attacker to remotely execute code without authentication via a crafted SIP packet that contains malicious SDP data...

TCL LinkHub Mesh Wifi confsrv set_mf_rule stack-based buffer overflow vulnerability

Talos Vulnerability Report TALOS-2022-1455 TCL LinkHub Mesh Wifi confsrv setmfrule stack-based buffer overflow vulnerability August 1, 2022 CVE Number CVE-2022-23919,CVE-2022-23918 SUMMARY A stack-based buffer overflow vulnerability exists in the confsrv setmfrule functionality of TCL LinkHub Mes...

EulerOS 2.0 SP10 : cifs-utils (EulerOS-SA-2022-2127)

According to the versions of the cifs-utils package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - In cifs-utils through 6.14, a stack-based buffer overflow when parsing the mount.cifs ip= command-line argument could lead to local attackers...