CVE-2018-3916

CWE-787 — Out-of-bounds Write3 documents3 sources

Severity

7.8HIGH

EPSS

0.2%

top 63.07%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Samsung Samsung Samsung Sth-eth-250 Firmware

Timeline

PublishedAug 28

Latest updateMay 13

Description

An exploitable stack-based buffer overflow vulnerability exists in the retrieval of database fields in the video-core HTTP server of the Samsung SmartThings Hub STH-ETH-250 - Firmware version 0.20.17. The strcpy call overflows the destination buffer, which has a size of 136 bytes. An attacker can send an arbitrarily long 'directory' value in order to exploit this vulnerability. An attacker can send an HTTP request to trigger this vulnerability.

CVSS vector

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:HExploitability: 1.8 | Impact: 5.9

Affected Packages2 packages

▶NVDsamsung/sth-eth-250_firmware0.20.17

▶CVEListV5samsung/samsungSamsung SmartThings Hub STH-ETH-250 - Firmware version 0.20.17

🔴Vulnerability Details

GHSA

GHSA-cwrm-ghmj-hwr3: An exploitable stack-based buffer overflow vulnerability exists in the retrieval of database fields in the video-core HTTP server of the Samsung Smart↗2022-05-13

▶

CVEList

CVE-2018-3916: An exploitable stack-based buffer overflow vulnerability exists in the retrieval of database fields in the video-core HTTP server of the Samsung Smart↗2018-08-28

▶