← voltar
CVE-2023-53966

SOUND4 LinkAndShare Transmitter 1.1.2 Format String Stack Buffer Overflow

CVSS 9.3 CRITICALEPSS 0.6%CWE-134
SOUND4 LinkAndShare Transmitter 1.1.2 contains a format string vulnerability that allows attackers to trigger memory stack overflows through maliciously crafted environment variables. Attackers can manipulate the username environment variable with format string payloads to potentially execute arbitrary code and crash the application.
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
Produtos afetados
SOUND4 Ltd. · SOUND4 LinkAndShare Transmitter

Quer saber se a sua infraestrutura está exposta a isto?

Falar com a TrueHacking →
Referências
https://web.archive.org/web/20221207074555/https://www.sound4.com/https://www.exploit-db.com/exploits/51259https://www.vulncheck.com/advisories/sound-linkandshare-transmitter-format-string-stack-buffer-overflowhttps://www.zeroscience.mk/en/vulnerabilities/ZSL-2023-5744.php