1 results (0.010 seconds)
CVSS: 7.8EPSS: 79%CPEs: 1EXPL: 1
CVSS: 7.8EPSS: 79%CPEs: 1EXPL: 1CVE-2021-35392
https://notcve.org/view.php?id=CVE-2021-35392
16 Aug 2021 — Realtek Jungle SDK version v2.x up to v3.4.14B provides a 'WiFi Simple Config' server that implements both UPnP and SSDP protocols. The binary is usually named wscd or mini_upnpd and is the successor to miniigd. The server is vulnerable to a heap buffer overflow that is present due to unsafe crafting of SSDP NOTIFY messages from received M-SEARCH messages ST header. Realtek Jungle SDK versiones v2.x hasta v3.4.14B, proporciona un servidor "WiFi Simple Config" que implementa los protocolos UPnP y SSDP. El bi... • https://www.iot-inspector.com/blog/advisory-multiple-issues-realtek-sdk-iot-supply-chain • CWE-787: Out-of-bounds Write •