CVE-2018-0640Improper Restriction of Operations within the Bounds of a Memory Buffer in Aterm Hc100rc Firmware

CWE-119Improper Restriction of Operations within the Bounds of a Memory Buffer3 documents3 sources
Severity
7.2HIGHNVD
EPSS
2.0%
top 16.15%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
2
NEC Aterm Hc100rc FirmwareNEC Corporation Hc100rc
Timeline
PublishedJan 9
Latest updateMay 14

Description

Buffer overflow in Aterm HC100RC Ver1.0.1 and earlier allows attacker with administrator rights to execute arbitrary code via netWizard.cgi date parameter, time parameter, and offset parameter.

CVSS vector

CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:HExploitability: 1.2 | Impact: 5.9

Affected Packages2 packages

CVEListV5nec_corporation/hc100rcVer1.0.1 and earlier

🔴Vulnerability Details

2
GHSA
GHSA-4pjf-jwfp-vg6f: Buffer overflow in Aterm HC100RC Ver12022-05-14
CVEList
CVE-2018-0640: Buffer overflow in Aterm HC100RC Ver12019-01-09
CVE-2018-0640 — Aterm Hc100rc Firmware vulnerability | cvebase