漏洞标题
N/A
漏洞描述信息
CWE-120:缓冲区复制未检查输入大小('经典缓冲区溢出')漏洞存在,当 improperly handled TLS包重新组装时可能导致远程代码执行。受影响的产品:SmartConnect Family: SMT系列(SMT Series ID=1015: UPS 04.5及之前), SMC系列(SMC Series ID=1018: UPS 04.2及之前), SMTL系列(SMTL Series ID=1026: UPS 02.9及之前), SCL系列(SCL Series ID=1029: UPS 02.5及之前/ SCL Series ID=1030: UPS 02.5及之前/ SCL Series ID=1036: UPS 02.5及之前/ SCL Series ID=1037: UPS 03.1及之前), SMX系列(SMX Series ID=1031: UPS 03.1及之前)
CVSS信息
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
漏洞类别
N/A
漏洞标题
N/A
漏洞描述信息
A CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') vulnerability exists that could cause remote code execution when an improperly handled TLS packet is reassembled. Affected Product: SmartConnect Family: SMT Series (SMT Series ID=1015: UPS 04.5 and prior), SMC Series (SMC Series ID=1018: UPS 04.2 and prior), SMTL Series (SMTL Series ID=1026: UPS 02.9 and prior), SCL Series (SCL Series ID=1029: UPS 02.5 and prior / SCL Series ID=1030: UPS 02.5 and prior / SCL Series ID=1036: UPS 02.5 and prior / SCL Series ID=1037: UPS 03.1 and prior), SMX Series (SMX Series ID=1031: UPS 03.1 and prior)
CVSS信息
N/A
漏洞类别
未进行输入大小检查的缓冲区拷贝(传统缓冲区溢出)
漏洞标题
Schneider Electric 多款产品缓冲区错误漏洞
漏洞描述信息
Schneider Electric APC Smart-UPS SMC Series等都是法国施耐德电气(Schneider Electric)公司的产品。Schneider Electric APC Smart-UPS SMC Series是一款适用于单台服务器、低功耗网络和销售点 (POS) 设备的入门级 UPS。Schneider Electric APC Smart-UPS SMT Series是一款服务器、销售点、路由器、交换机、集线器和其他网络设备的线路交互式电源保护。Schneider E
CVSS信息
N/A
漏洞类别
缓冲区错误