PT-2014-4673 · Qconndoor · Qconndoor
Publicado
2014-04-12
·
Atualizado
2017-01-20
·
CVE-2014-2389
CVSS v2.0
9.3
Alta
| Vetor | AV:N/AC:M/Au:N/C:C/I:C/A:C |
Name of the Vulnerable Software and Affected Versions
qconnDoor version 10.1.0.2312
Description
A stack-based buffer overflow issue exists in the decryption function of qconnDoor. This allows remote attackers to execute arbitrary code via a crafted packet in a TCP session on a wireless network, but only when developer-mode has been previously enabled on the device.
Recommendations
For version 10.1.0.2312, consider disabling the decryption function in qconnDoor until a patch is available to prevent potential exploitation.
Exploit
Correção
Buffer Overflow
Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾
Enumeração de Fraquezas
Identificadores relacionados
Produtos afetados
Qconndoor