First published: Fri Sep 21 2018(Updated: )
An exploitable buffer overflow vulnerability exists in the credentials handler of video-core's HTTP server of Samsung SmartThings Hub STH-ETH-250-Firmware version 0.20.17. The strncpy overflows the destination buffer, which has a size of 128 bytes. An attacker can send an arbitrarily long "secretKey" value in order to exploit this vulnerability.
Credit: talos-cna@cisco.com
Affected Software | Affected Version | How to fix |
---|---|---|
Samsung Sth-eth-250 Firmware | =0.20.17 | |
Samsung Sth-eth-250 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.