Skyworth Digital Technology RN510 V.3.1.0.4 RN510 V.3.1.0.4 contains a buffer overflow vulnerability in /cgi-bin/app-staticIP.asp. An authenticated attacker can send a specially crafted request to endpoint which can lead to a denial of service (DoS) or possible code execution on the device.
References
Link | Resource |
---|---|
http://packetstormsecurity.com/files/162450/Shenzhen-Skyworth-RN510-Buffer-Overflow.html | Exploit Third Party Advisory VDB Entry |
http://seclists.org/fulldisclosure/2021/May/5 | Exploit Mailing List Third Party Advisory |
https://s3curityb3ast.github.io/KSA-Dev-011.md | Exploit Third Party Advisory |
http://packetstormsecurity.com/files/162450/Shenzhen-Skyworth-RN510-Buffer-Overflow.html | Exploit Third Party Advisory VDB Entry |
http://seclists.org/fulldisclosure/2021/May/5 | Exploit Mailing List Third Party Advisory |
https://s3curityb3ast.github.io/KSA-Dev-011.md | Exploit Third Party Advisory |
Configurations
Configuration 1 (hide)
AND |
|
History
21 Nov 2024, 05:54
Type | Values Removed | Values Added |
---|---|---|
References | () http://packetstormsecurity.com/files/162450/Shenzhen-Skyworth-RN510-Buffer-Overflow.html - Exploit, Third Party Advisory, VDB Entry | |
References | () http://seclists.org/fulldisclosure/2021/May/5 - Exploit, Mailing List, Third Party Advisory | |
References | () https://s3curityb3ast.github.io/KSA-Dev-011.md - Exploit, Third Party Advisory |
Information
Published : 2021-04-09 13:15
Updated : 2024-11-21 05:54
NVD link : CVE-2021-25328
Mitre link : CVE-2021-25328
CVE.ORG link : CVE-2021-25328
JSON object : View
Products Affected
skyworthdigital
- rn510_firmware
- rn510
CWE
CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')