CVE-2019-16735

CRITICAL

9.8

Descricao

A stack-based buffer overflow in processCommandUploadLog in libcommon.so in Petwant PF-103 firmware 4.22.2.42 and Petalk AI 3.2.2.30 allows remote attackers to cause denial of service or run arbitrary code as the root user.

Detalhes CVE

Pontuacao CVSS v3.19.8

SeveridadeCRITICAL

Vetor CVSSCVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Vetor de ataqueNETWORK

ComplexidadeLOW

Privilegios necessariosNONE

Interacao do usuarioNONE

Publicado12/13/2019

Ultima modificacao11/21/2024

Fontenvd

Avistamentos honeypot0

Produtos afetados

petwant:pf-103petwant:pf-103_firmwareskymee:petalk_aiskymee:petalk_ai_firmware

Fraquezas (CWE)

CWE-787

Referencias

https://blog.securityevaluators.com/remotely-exploiting-iot-pet-feeders-21013562aea3(cve@mitre.org)

https://blog.securityevaluators.com/remotely-exploiting-iot-pet-feeders-21013562aea3(af854a3a-2127-422b-91ae-364da2661108)

Correlacoes IOC

Sem correlacoes registradas

This product uses data from the NVD API but is not endorsed or certified by the NVD.