ID |
CVE-2018-4003
|
Summary |
An exploitable heap overflow vulnerability exists in the mdnscap binary of the CUJO Smart Firewall running firmware 7003. The string lengths are handled incorrectly when parsing character strings in mDNS resource records, leading to arbitrary code execution in the context of the mdnscap process. An unauthenticated attacker can send an mDNS message to trigger this vulnerability. |
References |
|
Vulnerable Configurations |
|
CVSS |
Base: | 7.5 (as of 03-02-2023 - 01:54) |
Impact: | |
Exploitability: | |
|
CWE |
CWE-787 |
CAPEC |
|
Access |
Vector | Complexity | Authentication |
NETWORK |
LOW |
NONE |
|
Impact |
Confidentiality | Integrity | Availability |
PARTIAL |
PARTIAL |
PARTIAL |
|
cvss-vector
via4
|
AV:N/AC:L/Au:N/C:P/I:P/A:P
|
refmap
via4
|
|
Last major update |
03-02-2023 - 01:54 |
Published |
21-03-2019 - 16:29 |
Last modified |
03-02-2023 - 01:54 |