Headline
CVE-2021-26621: KISA 인터넷 보호나라&KrCERT
An Buffer Overflow vulnerability leading to remote code execution was discovered in MEX01. Remote attackers can use this vulnerability by using the property that the target program copies parameter values to memory through the strcpy() function.
Security Advisory
CVE-2021-26621 | Netis Korea MEX01 Buffer overflow vulnerability2022.03.25
□ Overview
o NetU Corp. (Netis Systems Co., Ltd Branch in Korea) released security update to address buffer overflow vulnerability in MEX01.
Vulnerability
Vulnerability Type
Impact
Severity
CVSS Score
CVE ID
Buffer Overflow
Remote code execution
High
8.1
CVE-2021-26621
□ Description
o An Buffer Overflow vulnerability leading to remote code execution was discovered in MEX01.
o Remote attackers can use this vulnerability by using the property that the target program copies parameter values to memory through the strcpy() function.
□ Affected Product
Affected Product
Product
Version
Platform
MEX01
prior of v1.9.18
Windows, Mac OS and etc.
□ Solution
o Update software over MEX01 Firmware v1.9.19 version or higher.
□ Reference
[1] https://netu.co.kr/
□ Etc
o Thanks to Dohyun Kim for reporting this vulnerability.
□ 작성 : 침해사고분석단 취약점분석팀
트위터 페이스북