4 matches found
Integer overflow
An exploitable integer underflow vulnerability exists in the mdnscap binary of the CUJO Smart Firewall, version 7003. When parsing SRV records in an mDNS packet, the "RDLENGTH" value is handled incorrectly, leading to an out-of-bounds access that crashes the mdnscap process. An unauthenticated...
CVE-2018-4011
An exploitable integer underflow vulnerability exists in the mdnscap binary of the CUJO Smart Firewall, version 7003. When parsing SRV records in an mDNS packet, the "RDLENGTH" value is handled incorrectly, leading to an out-of-bounds access that crashes the mdnscap process. An unauthenticated...
CUJO Smart Firewall Injection Vulnerability
CUJO Smart Firewall is a home smart firewall device from CUJO USA. An injection vulnerability exists in the configuration of the DHCP daemon in CUJO Smart Firewall using firmware version 7003. An attacker can exploit this vulnerability to execute arbitrary system commands...
CUJO Smart Firewall static DHCP hostname command injection vulnerability
Summary An exploitable command injection vulnerability exists in the DHCP daemon configuration of the CUJO Smart Firewall. When adding a new static DHCP address, its corresponding hostname is inserted into the dhcpd.conf file without prior sanitization, allowing for arbitrary execution of system...