Realtek Jungle SDK version v2.x up to v3.4.14B provides a diagnostic tool called 'MP Daemon' that is usually compiled as 'UDPServer' binary. The binary is affected by multiple memory corruption vulnerabilities and an arbitrary command injection vulnerability that can be exploited by remote unauthenticated attackers.
oryginał ENCVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:HRealtek Rtl819x Jungle Software Development Kit
APPRealtek2.0 – 3.4.14b
CISA KEV — szczegółyi
- Dostawcai
- Realtek
- Produkti
- Jungle Software Development Kit (SDK)
- Data dodania do KEVi
- 10 grudnia 2021
- Termin remediation (USA)i
- 24 grudnia 2021(po terminie)
Zastosuj aktualizacje zgodnie z instrukcjami producenta.
▸ Pokaż oryginał (EN)
Apply updates per vendor instructions.
Zestaw SDK Jungle firmy RealTek zawiera wiele luk w zabezpieczeniach pamięci, które mogą umożliwić atakującemu wykonanie zdalnego kodu (RCE).
▸ Pokaż oryginał (EN)
RealTek Jungle SDK contains multiple memory corruption vulnerabilities which can allow an attacker to perform remote code execution.
Powiązane podatności
Realtek Jungle SDK version v2.x up to v3.4.14B provides an HTTP web server exposing a management interface tha...
Realtek Jungle SDK version v2.x up to v3.4.14B provides a 'WiFi Simple Config' server that implements both UPn...
A firmware update vulnerability exists in the boa formUpload functionality of Realtek rtl819x Jungle SDK v3.4....
A stack-based buffer overflow vulnerability exists in the boa formRoute functionality of Realtek rtl819x Jungl...
A stack-based buffer overflow vulnerability exists in the boa setRepeaterSsid functionality of Realtek rtl819x...