Genivia · Dlt-Daemon · CVE-2020-29394
**Name of the Vulnerable Software and Affected Versions**
dlt-daemon versions 2.8.5 through 2.18.5
**Description**
A buffer overflow in the `dlt_filter_load` function in `dlt_common.c` allows arbitrary code execution because `fscanf` is misused, with no limit on the number of characters to be read in the format argument.
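The `fscanf` misuse described above, contrasted with a bounded read, as an added example that is not dlt-daemon's own code. The buffer size `TOKEN_MAX`, the helper names `read_token_bounded` and `parse_filter_text`, and the sample input are assumptions made for this sketch.

```c
#include <ctype.h>
#include <stdio.h>

#define TOKEN_MAX 15   /* assumed token limit for this sketch, not dlt-daemon's */

/* Unsafe pattern from the advisory, kept as a comment only:
 *     fscanf(f, "%s", buf);   // no field width: a long token overruns buf */

/* Read one whitespace-delimited token into buf (TOKEN_MAX + 1 bytes).
 * Returns 1 on success, 0 at end of input, -1 if the token was too long. */
int read_token_bounded(FILE *f, char *buf)
{
    int c;
    if (fscanf(f, "%15s", buf) != 1)   /* width = TOKEN_MAX; NUL uses the +1 */
        return 0;
    c = fgetc(f);
    if (c == EOF || isspace(c))
        return 1;                      /* the whole token fit in buf */
    while ((c = fgetc(f)) != EOF && !isspace(c))
        ;                              /* discard the rest of the long token */
    return -1;                         /* reject instead of using a truncation */
}

/* Parse constructed filter text held in a temporary file.
 * Returns the number of accepted tokens; *rejected counts oversized ones. */
int parse_filter_text(const char *text, int *rejected)
{
    char buf[TOKEN_MAX + 1];
    int ok = 0, r;
    FILE *f = tmpfile();
    *rejected = 0;
    if (f == NULL) return -1;
    fputs(text, f);
    rewind(f);
    while ((r = read_token_bounded(f, buf)) != 0) {
        if (r == 1) ok++;
        else (*rejected)++;
    }
    fclose(f);
    return ok;
}

int main(void)
{
    int rejected, ok = parse_filter_text("APP1 CTX1 AAAAAAAAAAAAAAAAAAAAAAAA\n", &rejected);
    printf("accepted=%d rejected=%d\n", ok, rejected);  /* constructed input */
    return 0;
}
```

The field width must be one less than the destination buffer size, because `%s` always appends a terminating NUL after the characters it stores.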
**Recommendations**
For versions 2.8.5 through 2.18.5, consider disabling the `dlt_filter_load` function until a patch is available to prevent potential arbitrary code execution.
At the moment, there is no information about a newer version that contains a fix for this vulnerability.