Multiple stack buffer overflow vulnerabilities in Jensen of Scandinavia AS Air:Link 3G (AL3G) version 2.23m (Rev. 3), Air:Link 5000AC (AL5000AC) version 1.13, and Air:Link 59300 (AL59300) version 1.04 (Rev. 4) devices allow remote attackers to execute arbitrary code or crash the web service via the (1) ateFunc, (2) ateGain, (3) ateTxCount, (4) ateChan, (5) ateRate, (6) ateMacID, (7) e2pTxPower1, (8) e2pTxPower2, (9) e2pTxPower3, (10) e2pTxPower4, (11) e2pTxPower5, (12) e2pTxPower6, (13) e2pTxPower7, (14) e2pTx2Power1, (15) e2pTx2Power2, (16) e2pTx2Power3, (17) e2pTx2Power4, (18) e2pTx2Power5, (19) e2pTx2Power6, (20) e2pTx2Power7, (21) ateTxFreqOffset, (22) ateMode, (23) ateBW, (24) ateAntenna, (25) e2pTxFreqOffset, (26) e2pTxPwDeltaB, (27) e2pTxPwDeltaG, (28) e2pTxPwDeltaMix, (29) e2pTxPwDeltaN, and (30) readE2P parameters of the /goform/formWlanMP endpoint.
References
Link | Resource |
---|---|
https://www.riskbasedsecurity.com/research/RBS-2016-004.pdf | Technical Description Third Party Advisory |
https://www.riskbasedsecurity.com/research/RBS-2016-004.pdf | Technical Description Third Party Advisory |
Configurations
Configuration 1 (hide)
AND |
|
Configuration 2 (hide)
AND |
|
Configuration 3 (hide)
AND |
|
History
21 Nov 2024, 02:43
Type | Values Removed | Values Added |
---|---|---|
References | () https://www.riskbasedsecurity.com/research/RBS-2016-004.pdf - Technical Description, Third Party Advisory |
Information
Published : 2017-03-26 05:59
Updated : 2024-11-21 02:43
NVD link : CVE-2016-10273
Mitre link : CVE-2016-10273
CVE.ORG link : CVE-2016-10273
JSON object : View
Products Affected
jensenofscandinavia
- air\
CWE
CWE-787
Out-of-bounds Write