PT-2023-19960 · Cncsoft · Dopsoft

Nattisamson

Published

2023-06-01

Updated

2023-06-14

CVE-2023-25177

CVSS v3.1

7.8

High

Vector

AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions CNCSoft-B DOPSoft versions 1.0.0.4 and prior

Description The issue is related to a stack-based buffer overflow, which could allow an attacker to execute arbitrary code.

Recommendations For versions 1.0.0.4 and prior, update to a version that fixes the stack-based buffer overflow issue. As a temporary workaround, consider restricting access to the DOPSoft application to minimize the risk of exploitation.

Fix

Stack Overflow

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-121

Related Identifiers

CVE-2023-25177

ZDI-23-781

ZDI-23-782

ZDI-23-783

ZDI-23-784

ZDI-23-785

ZDI-23-786

ZDI-23-787

ZDI-23-788

ZDI-23-789

ZDI-23-790

ZDI-23-791

ZDI-23-792

ZDI-23-793

ZDI-23-794

ZDI-23-795

ZDI-23-796

ZDI-23-797

ZDI-23-798

ZDI-23-799

ZDI-23-800

ZDI-23-801

ZDI-23-802

ZDI-23-803

ZDI-23-804

ZDI-23-805

ZDI-23-806

ZDI-23-807

ZDI-23-808

ZDI-23-809

ZDI-23-810

ZDI-23-812

ZDI-23-813

ZDI-23-814

ZDI-23-815

ZDI-23-816

ZDI-23-817

Affected Products

Dopsoft

PT-2023-19960 · Cncsoft · Dopsoft

CVE-2023-25177

Weakness Enumeration

Related Identifiers

Affected Products

References · 40