PT-2022-6036 · Advantech · Advantech R-Seenet

Rgod · Published 2022-10-18 · Updated 2022-10-28 · CVE-2022-3385

CVSS v3.1: 10 (Critical)

Vector: AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions

Advantech R-SeeNet versions 2.4.17 and prior

Description

The issue is related to a stack-based buffer overflow in Advantech R-SeeNet. This can be exploited by an unauthorized attacker to remotely overflow the stack buffer, enabling remote code execution.

Recommendations

For versions 2.4.17 and prior, update to a version later than 2.4.17 to resolve the issue. As a temporary workaround, consider restricting access to the show code endpoint until a patch is available. Avoid using functions that may trigger the stack-based buffer overflow until the issue is resolved.

Fix

Memory Corruption

Stack Overflow

Weakness Enumeration

Related Identifiers

BDU:2022-07500
CVE-2022-3385
ZDI-22-1451

Affected Products

Advantech R-Seenet