CVE-2020-26100
chsh in cPanel before 88.0.3 allows a Jailshell escape (SEC-497).
Source: CVE-2020-26100
CVE-2020-26101
In cPanel before 88.0.3, insecure RNDC credentials are used for BIND on a templated VM (SEC-549).
Source: CVE-2020-26101
CVE-2020-26102
In cPanel before 88.0.3, an insecure auth policy API key is used by Dovecot on a templated VM (SEC-550).
Source: CVE-2020-26102
CVE-2019-11556
Pagure before 5.6 allows XSS via the templates/blame.html blame view.
Source: CVE-2019-11556
CVE-2020-25085
QEMU 5.0.0 has a heap-based Buffer Overflow in flatview_read_continue in exec.c because hw/sd/sdhci.c mishandles a write operation in the SDHC_BLKSIZE case.
Source: CVE-2020-25085
CVE-2020-25084
QEMU 5.0.0 has a use-after-free in hw/usb/hcd-xhci.c because the usb_packet_map return value is not checked.
Source: CVE-2020-25084
CVE-2020-25625
hw/usb/hcd-ohci.c in QEMU 5.0.0 has an infinite loop when a TD list has a loop.
Source: CVE-2020-25625
CVE-2020-25747
The Telnet service of Rubetek RV-3406, RV-3409, and RV-3411 cameras (firmware versions v342, v339) can allow a remote attacker to gain access to RTSP and ONVIF services without authentication. Thus, the attacker can watch live streams from the camera, rotate the camera, change some settings (brightness, clarity, time), restart the camera, or reset it to factory settings.
Source: CVE-2020-25747
CVE-2020-25748
A Cleartext Transmission issue was discovered on Rubetek RV-3406, RV-3409, and RV-3411 cameras (firmware versions v342, v339). Someone in the middle can intercept and modify the video data from the camera, which is transmitted in an unencrypted form. One can also modify responses from NTP and RTSP servers and force the camera to use the changed values.
Source: CVE-2020-25748
CVE-2020-25749
The Telnet service of Rubetek RV-3406, RV-3409, and RV-3411 cameras (firmware versions v342, v339) could allow a remote attacker to take full control of the device with a high-privileged account. The vulnerability exists because a system account has a default and static password. The Telnet service cannot be disabled and this password cannot be changed via standard functionality.
Source: CVE-2020-25749