CVE-2023-6888

CVSS v3.1

9.8

Critical

Vector

AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions PHZ76 RtspServer version 1.0.0

Description A critical issue was found in the ParseRequestLine function of the RtspMesaage.cpp file, leading to a stack-based buffer overflow. This issue can be exploited remotely. The exploit has been disclosed publicly. The vendor was contacted about this issue but did not respond.

Recommendations For PHZ76 RtspServer version 1.0.0, as a temporary workaround, consider disabling the ParseRequestLine function until a patch is available. At the moment, there is no information about a newer version that contains a fix for this issue.

Exploit

Fix

Stack Overflow

Memory Corruption

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-121CWE-787

Related Identifiers

CVE-2023-6888

Affected Products

Phz76 Rtspserver

CVE-2023-6888

Weakness Enumeration

Related Identifiers

Affected Products

References · 8