Rdkb Ccsppandm Security Vulnerabilities and Issues — Rdkb Ccsppandm CVE List

Lucene search

RdkcentralRdkb Ccsppandm

3 matches found

CVE•added 2019/06/20 2:15 p.m.•80 views

CVE-2019-6963

A heap-based buffer overflow in cosa_dhcpv4_dml.c in the RDK RDKB-20181217-1 CcspPandM module may allow attackers with login credentials to achieve remote code execution by crafting a long buffer in the "Comment" field of an IP reservation form in the admin panel. This is related to the CcspCommonL...

8.8CVSS9.1AI score0.02186EPSS

CVE•added 2019/06/20 2:15 p.m.•79 views

CVE-2019-6964

A heap-based buffer over-read in Service_SetParamStringValue in cosa_x_cisco_com_ddns_dml.c of the RDK RDKB-20181217-1 CcspPandM module may allow attackers with login credentials to achieve information disclosure and code execution by crafting an AJAX call responsible for DDNS configuration with an...

8.8CVSS8.6AI score0.00865EPSS

CVE•added 2019/06/20 2:15 p.m.•70 views

CVE-2019-6962

A shell injection issue in cosa_wifi_apis.c in the RDK RDKB-20181217-1 CcspWifiAgent module allows attackers with login credentials to execute arbitrary shell commands under the CcspWifiSsp process (running as root) if the platform was compiled with the ENABLE_FEATURE_MESHWIFI macro. The attack is ...

8.5CVSS8AI score0.00483EPSS