Page 9 of 47 results (0.045 seconds)

CVSS: 10.0EPSS: 1%CPEs: 1EXPL: 1

An issue was discovered in the MQTT server in Contiki-NG before 4.2. The function parse_publish_vhdr() that parses MQTT PUBLISH messages with a variable length header uses memcpy to input data into a fixed size buffer. The allocated buffer can fit only MQTT_MAX_TOPIC_LENGTH (default 64) bytes, and a length check is missing. This could lead to Remote Code Execution via a stack-smashing attack (overwriting the function return address). Contiki-NG does not separate the MQTT server from other servers and the OS modules, so access to all memory regions is possible. • https://github.com/contiki-ng/contiki-ng/issues/600 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •

CVSS: 10.0EPSS: 0%CPEs: 1EXPL: 1

contiki-ng version 4 contains a Buffer Overflow vulnerability in AQL (Antelope Query Language) database engine that can result in Attacker can perform Remote Code Execution on device using Contiki-NG operating system. This attack appear to be exploitable via Attacker must be able to run malicious AQL code (e.g. via SQL-like Injection attack). contiki-ng 4 contiene una vulnerabilidad de desbordamiento de búfer en el motor de la base de datos AQL (Antelope Query Language) que puede resultar en que un atacante ejecute código remotamente en el dispositivo mediante el sistema operativo de Contiki-NG. Este ataque parece ser explotable mediante un atacante que pueda ejecutar código AQL malicioso (p.ej., mediante un ataque de inyección de tipo SQL). • https://github.com/contiki-ng/contiki-ng/issues/594 https://github.com/contiki-ng/contiki-ng/pull/624 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •

CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0

An issue was discovered in Contiki-NG through 4.1. There is a stack-based buffer overflow in next_string in os/storage/antelope/aql-lexer.c while parsing AQL (parsing next string). Se ha descubierto un problema en Contiki-NG hasta su versión 4.1. Hay un desbordamiento de búfer basado en pila en next_string en os/storage/antelope/aql-lexer.c al analizar AQL (análisis de la siguiente cadena). • https://github.com/contiki-ng/contiki-ng/issues/595 • CWE-787: Out-of-bounds Write •

CVSS: 6.1EPSS: 0%CPEs: 1EXPL: 0

An issue was discovered in Contiki-NG through 4.1. There is a buffer overflow while parsing AQL in lvm_shift_for_operator in os/storage/antelope/lvm.c. Se ha descubierto un problema en Contiki-NG hasta su versión 4.1. Hay un desbordamiento de búfer al analizar AQL en lvm_shift_for_operator en os/storage/antelope/lvm.c. • https://github.com/contiki-ng/contiki-ng/issues/598 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •

CVSS: 7.0EPSS: 0%CPEs: 1EXPL: 0

An issue was discovered in Contiki-NG through 4.1. There is a buffer over-read in lookup in os/storage/antelope/lvm.c while parsing AQL (lvm_register_variable, lvm_set_variable_value, create_intersection, create_union). Se ha descubierto un problema en Contiki-NG hasta su versión 4.1. Hay una sobrelectura de búfer en lookup en os/storage/antelope/lvm.c al analizar AQL (lvm_register_variable, lvm_set_variable_value, create_intersection y create_union). • https://github.com/contiki-ng/contiki-ng/issues/597 • CWE-125: Out-of-bounds Read •