CVE-2019-7228

CVE-2019-7228

The ABB IDAL HTTP server mishandles format strings in a username or cookie during the authentication process. Attempting to authenticate with the username %25s%25p%25x%25n will crash the server. Sending %08x.AAAA.%08x.%08x will log memory content from the stack.

Source: CVE-2019-7228

답글 남기기

이메일 주소는 공개되지 않습니다. 필수 필드는 *로 표시됩니다