← volver
CVE-2023-53966

SOUND4 LinkAndShare Transmitter 1.1.2 Format String Stack Buffer Overflow

CVSS 9.3 CRITICALEPSS 0.6%CWE-134
SOUND4 LinkAndShare Transmitter 1.1.2 contains a format string vulnerability that allows attackers to trigger memory stack overflows through maliciously crafted environment variables. Attackers can manipulate the username environment variable with format string payloads to potentially execute arbitrary code and crash the application.
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
Productos afectados
SOUND4 Ltd. · SOUND4 LinkAndShare Transmitter

¿Quieres saber si tu infraestructura está expuesta a esto?

Hablar con TrueHacking →
Referencias
https://web.archive.org/web/20221207074555/https://www.sound4.com/https://www.exploit-db.com/exploits/51259https://www.vulncheck.com/advisories/sound-linkandshare-transmitter-format-string-stack-buffer-overflowhttps://www.zeroscience.mk/en/vulnerabilities/ZSL-2023-5744.php