PT-2017-19332 · Delta Electronics · Wplsoft

Published

2017-08-24

Updated

2019-10-09

CVE-2018-7494

CVSS v3.1

8.8

High

Vector

AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions Delta Electronics WPLSoft versions 2.45.0 and prior

Description The issue concerns a stack-based buffer overflow that occurs when a value larger than the buffer is read from a file into a fixed length stack buffer. This can cause the buffer to be overwritten, potentially allowing remote code execution or causing the application to crash.

Recommendations For versions 2.45.0 and prior, update to a version that fixes this issue, as the current version may allow remote code execution or cause the application to crash due to the buffer overflow. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Stack Overflow

Buffer Overflow

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-121CWE-119

Related Identifiers

CVE-2018-7494

ZDI-17-698

Affected Products

Wplsoft

PT-2017-19332 · Delta Electronics · Wplsoft

CVE-2018-7494

Weakness Enumeration

Related Identifiers

Affected Products

References · 5