漏洞标题
N/A
漏洞描述信息
在 Scandinavian 地区Jerusalem 的 AS Air:Link 3G(AL3G) 2.23m(Rev.3)版本、Air:Link 5000AC(AL5000AC) 1.13 版本和 Air:Link 59300(AL59300) 1.04(Rev.4) 设备中存在多个栈缓冲区溢出漏洞,允许远程攻击者执行任意代码或崩溃网络服务,通过(1)ateFunc,(2)ateGain,(3)ateTxCount,(4)ateChan,(5)ateRate,(6)ateMacID,(7)e2pTxPower1,(8)e2pTxPower2,(9)e2pTxPower3,(10)e2pTxPower4,(11)e2pTxPower5,(12)e2pTxPower6,(13)e2pTxPower7,(14)e2pTx2Power1,(15)e2pTx2Power2,(16)e2pTx2Power3,(17)e2pTx2Power4,(18)e2pTx2Power5,(19)e2pTx2Power6,(20)e2pTx2Power7,(21)ateTxFreqOffset,(22)ateMode,(23)ateBW,(24)ateAntenna,(25)e2pTxFreqOffset,(26)e2pTxPwDeltaB,(27)e2pTxPwDeltaG,(28)e2pTxPwDeltaMix,(29)e2pTxPwDeltaN,(30)readE2P参数/goform/formWlanMP端点。
CVSS信息
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
漏洞类别
N/A
漏洞标题
N/A
漏洞描述信息
Multiple stack buffer overflow vulnerabilities in Jensen of Scandinavia AS Air:Link 3G (AL3G) version 2.23m (Rev. 3), Air:Link 5000AC (AL5000AC) version 1.13, and Air:Link 59300 (AL59300) version 1.04 (Rev. 4) devices allow remote attackers to execute arbitrary code or crash the web service via the (1) ateFunc, (2) ateGain, (3) ateTxCount, (4) ateChan, (5) ateRate, (6) ateMacID, (7) e2pTxPower1, (8) e2pTxPower2, (9) e2pTxPower3, (10) e2pTxPower4, (11) e2pTxPower5, (12) e2pTxPower6, (13) e2pTxPower7, (14) e2pTx2Power1, (15) e2pTx2Power2, (16) e2pTx2Power3, (17) e2pTx2Power4, (18) e2pTx2Power5, (19) e2pTx2Power6, (20) e2pTx2Power7, (21) ateTxFreqOffset, (22) ateMode, (23) ateBW, (24) ateAntenna, (25) e2pTxFreqOffset, (26) e2pTxPwDeltaB, (27) e2pTxPwDeltaG, (28) e2pTxPwDeltaMix, (29) e2pTxPwDeltaN, and (30) readE2P parameters of the /goform/formWlanMP endpoint.
CVSS信息
N/A
漏洞类别
N/A
漏洞标题
多款Jensen of Scandinavia AS Air:Link路由器缓冲区错误漏洞
漏洞描述信息
Jensen of Scandinavia AS Air:Link 3G等都是挪威Jensen of Scandinavia AS公司的路由器。 多款Jensen of Scandinavia AS Air:Link路由器中存在栈缓冲区溢出漏洞。远程攻击者可借助/goform/formWlanMP终端中的多个参数利用该漏洞执行任意代码或造成Web服务崩溃。以下产品和版本受到影响:Jensen of Scandinavia AS Air:Link 3G (AL3G) 2.23m (Rev. 3)版本;Air
CVSS信息
N/A
漏洞类别
缓冲区错误