CVE-2018-1000804

Name of the Vulnerable Software and Affected Versions contiki-ng version 4

Description The issue is related to a Buffer Overflow in the AQL database engine, which can lead to Remote Code Execution on devices using the Contiki-NG operating system. This can be exploited by running malicious AQL code, for example, through a SQL-like Injection attack.

Recommendations For contiki-ng version 4, consider disabling the AQL database engine or restricting the execution of AQL code until a patch is available. Avoid using potentially malicious AQL code in the affected database engine to minimize the risk of exploitation.