CVE-2020-16602: Razer Chroma SDK: Main Page
Razer Chroma SDK Rest Server through 3.12.17 allows remote attackers to execute arbitrary programs because there is a race condition in which a file created under “%PROGRAMDATA%\Razer Chroma\SDK\Apps” can be replaced before it is executed by the server. The attacker must have access to port 54236 for a registration step.
Introduction
This document describes the REST API (Application Programming Interface) and the core components that are required to develop and run a Chroma-enabled application.
URI
The Chroma SDK RESTful server is reachable at the following URIs: http://localhost:54235/razer/chromasdk and https://chromasdk.io:54236/razer/chromasdk . Send a POST with the application information to this URI to obtain an instance URI. A GET to the same URI returns the version of the Chroma SDK currently installed on the system.
Keeping the connection alive
The Chroma SDK RESTful server has a default timeout of 15 seconds for each connection. The client must keep the connection alive by sending commands to the server within that timeout; otherwise the server closes the connection. For example, send a PUT periodically (every 1 s) to http://localhost:123456/chromasdk/heartbeat .
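The session lifecycle described in the URI and keep-alive sections (POST application info to the root URI, GET the SDK version, PUT a heartbeat well inside the 15 s idle timeout), as an added Python example that is not part of the Razer documentation or SDK. It assumes the POST reply is JSON carrying a "uri" field, that DELETE on the instance URI tears the session down, and that the registration body fields are whatever the SDK expects (the transport is injectable so the flow can be exercised offline against a fake server).

```python
import json
import threading
import time
import urllib.request

SDK_ROOT = "http://localhost:54235/razer/chromasdk"  # root URI from the page
HEARTBEAT_PERIOD_S = 1  # page: PUT a heartbeat about every second, inside the 15 s idle timeout

def http_json(method, url, body=None):
    """Default transport: stdlib urllib, JSON in, decoded JSON out."""
    data = None if body is None else json.dumps(body).encode()
    req = urllib.request.Request(url, data=data, method=method,
                                 headers={"Content-Type": "application/json"})
    with urllib.request.urlopen(req, timeout=5) as resp:
        return json.loads(resp.read() or b"{}")

class ChromaSession:
    # register -> periodic heartbeat -> close; `transport` is injectable for offline tests
    def __init__(self, app_info, root=SDK_ROOT, transport=http_json, period=HEARTBEAT_PERIOD_S):
        self.app_info, self.root, self.transport, self.period = app_info, root, transport, period
        self.uri, self.heartbeats = None, 0
        self._stop, self._thread = threading.Event(), None
    def sdk_version(self):
        # GET on the root URI reports the installed Chroma SDK version
        return self.transport("GET", self.root).get("version")

    def start(self):
        # POST the application info; the reply is assumed to carry the per-app instance URI
        self.uri = self.transport("POST", self.root, self.app_info)["uri"]
        self._thread = threading.Thread(target=self._keepalive, daemon=True)
        self._thread.start()
        return self.uri
    def _keepalive(self):
        # PUT <instance>/heartbeat every `period` seconds until close() is called
        while not self._stop.wait(self.period):
            self.transport("PUT", self.uri + "/heartbeat")
            self.heartbeats += 1
    def wait_heartbeats(self, n, timeout=5.0):
        # block until n heartbeats have gone out (or timeout); returns whether they did
        deadline = time.monotonic() + timeout
        while self.heartbeats < n and time.monotonic() < deadline:
            time.sleep(self.period / 4)
        return self.heartbeats >= n
    def close(self):
        self._stop.set()
        if self._thread:
            self._thread.join()
        if self.uri:  # DELETE on the instance URI is an assumption, not stated on the page
            self.transport("DELETE", self.uri)
            self.uri = None
```

Against a real server, pass the application-information dictionary the SDK expects and leave `transport` and `period` at their defaults.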