CyberSec.Space Logo
Back to CVE Browser

CVE-2018-3863

CRITICAL
9.9
CVSS Severity Score
EPSS Score0.0150%
EPSS Percentile6.87th
PublishedAug 23, 2018
Last ModifiedNov 21, 2024

Vulnerability Description

On Samsung SmartThings Hub STH-ETH-250 devices with firmware version 0.20.17, the video-core process incorrectly extracts fields from a user-controlled JSON payload, leading to a buffer overflow on the stack. An attacker can send an HTTP request to trigger this vulnerability. A strcpy overflows the destination buffer, which has a size of 40 bytes. An attacker can send an arbitrarily long "user" value in order to exploit this vulnerability.

Affected Platforms (CPE)

💻
Samsung

Sth Eth 250 Firmware

= 0.20.17

References & Advisories

🔗 https://www.talosintelligence.com/vulnerability_reports/TALOS-2018-0548
🔗 https://www.talosintelligence.com/vulnerability_reports/TALOS-2018-0548

Related Vulnerabilities

CVE-2018-390710.0

An exploitable vulnerability exists in the REST parser of video-core's HTTP server of the Samsung SmartThings Hub STH-ETH-250 - Fi...

CVE-2018-38679.9

An exploitable stack-based buffer overflow vulnerability exists in the samsungWifiScan callback notification of video-core's HTTP ...

CVE-2018-39029.9

An exploitable buffer overflow vulnerability exists in the camera "replace" feature of video-core's HTTP server of Samsung SmartTh...

CVE-2018-38789.9

Multiple exploitable buffer overflow vulnerabilities exist in the credentials handler of video-core's HTTP server of Samsung Smart...