CVE-2018-3895: Buffer Overflow
First published: Tue Aug 28 2018(Updated: )
An exploitable buffer overflow vulnerability exists in the /cameras/XXXX/clips handler of video-core's HTTP server of Samsung SmartThings Hub STH-ETH-250 Firmware version 0.20.17. The strncpy call overflows the destination buffer, which has a size of 52 bytes. An attacker can send an arbitrarily long 'endTime' value in order to exploit this vulnerability. An attacker can send an HTTP request to trigger this vulnerability.
Credit: talos-cna@cisco.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Samsung STH-ETH-250 | =0.20.17 | |
| Samsung STH-ETH-250 Firmware |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Frequently Asked Questions
What is the severity of CVE-2018-3895?
CVE-2018-3895 has a high severity rating due to the potential for remote code execution through a buffer overflow.
How do I fix CVE-2018-3895?
To fix CVE-2018-3895, update the Samsung SmartThings Hub to a version of the firmware that is not vulnerable.
What software is affected by CVE-2018-3895?
CVE-2018-3895 specifically affects the Samsung SmartThings Hub with firmware version 0.20.17.
What type of attack can exploit CVE-2018-3895?
CVE-2018-3895 can be exploited through a crafted HTTP request that triggers a buffer overflow.
Is there a workaround for CVE-2018-3895?
There are no known workarounds for CVE-2018-3895 besides updating to a secure firmware version.
- agent/type
- agent/severity
- agent/author
- agent/references
- agent/description
- collector/mitre-cve
- source/MITRE
- agent/last-modified-date
- agent/first-publish-date
- agent/event
- agent/source
- agent/weakness
- agent/softwarecombine
- agent/tags
- collector/nvd-index
- agent/software-canonical-lookup-request
- vendor/samsung
- canonical/samsung sth-eth-250
- version/samsung sth-eth-250/0.20.17
- canonical/samsung sth-eth-250 firmware