CVE-2021-35394
CVE-2021-35394
In short
Realtek Jungle SDK contains a diagnostic tool (UDPServer) that allows remote attackers to inject and execute arbitrary commands without authentication. This is a critical flaw because attackers can take complete control of affected devices over the network.
Technical detail
The UDPServer binary in Realtek Jungle SDK v2.x through v3.4.14B is vulnerable to OS command injection (CWE-78) via crafted network packets. Remote unauthenticated attackers can exploit this via UDP to execute arbitrary commands with the privileges of the running process, combined with memory corruption vulnerabilities that may elevate impact.
Summary generated and translated by AI from the official description.
Realtek Jungle SDK version v2.x up to v3.4.14B provides a diagnostic tool called 'MP Daemon' that is usually compiled as 'UDPServer' binary. The binary is affected by multiple memory corruption vulnerabilities and an arbitrary command injection vulnerability that can be exploited by remote unauthenticated attackers.
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Affected products
n/a · n/aWant to know if your infrastructure is exposed to this?
Talk to TrueHacking →References
https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2021-35394https://www.iot-inspector.com/blog/advisory-multiple-issues-realtek-sdk-iot-supply-chainhttps://www.realtek.com/en/cu-1-en/cu-1-taiwan-enhttps://www.realtek.com/images/safe-report/Realtek_APRouter_SDK_Advisory-CVE-2021-35392_35395.pdfhttps://www.securityfocus.com/archive/1/534765