Security
Headlines
HeadlinesLatestCVEs

Tag

#buffer_overflow

Microsoft Patch Tuesday December 2022: SPNEGO RCE, Mark of the Web Bypass, Edge Memory Corruptions

Hello everyone! This episode will be about Microsoft Patch Tuesday for December 2022, including vulnerabilities that were added between November and December Patch Tuesdays. As usual, I use my open source Vulristics project to analyse and prioritize vulnerabilities. Alternative video link (for Russia): https://vk.com/video-149273431_456239112 But let’s start with an older vulnerability. This will be another example why […]

Alexander V. Leonov
#vulnerability#web#mac#windows#google#microsoft#linux#rce#samba#buffer_overflow#auth#ibm#chrome#sap#blog
CVE-2022-45716: ip-com-10 - HackMD

IP-COM M50 V15.11.0.33(10768) was discovered to contain a buffer overflow via the indexSet parameter in the formIPMacBindDel function.

CVE-2022-45715: ip-com-5 - HackMD

IP-COM M50 V15.11.0.33(10768) was discovered to contain multiple buffer overflows via the pLanPortRange and pWanPortRange parameters in the formSetPortMapping function.

CVE-2022-45712: ip-com-3 - HackMD

IP-COM M50 V15.11.0.33(10768) was discovered to contain a buffer overflow via the rules parameter in the formAddDnsForward function.

CVE-2022-45714: ip-com-9 - HackMD

IP-COM M50 V15.11.0.33(10768) was discovered to contain a buffer overflow via the indexSet parameter in the formQOSRuleDel function.

CVE-2022-45718: ip-com-14 - HackMD

IP-COM M50 V15.11.0.33(10768) was discovered to contain a buffer overflow via the rules parameter in the formIPMacBindAdd function.

CVE-2022-45720: ip-com-15 - HackMD

IP-COM M50 V15.11.0.33(10768) was discovered to contain multiple buffer overflows via the ip, mac, and remark parameters in the formIPMacBindModify function.

CVE-2022-45719: ip-com-11 - HackMD

IP-COM M50 V15.11.0.33(10768) was discovered to contain a buffer overflow via the gotoUrl parameter in the formPortalAuth function.

CVE-2022-45721: ip-com-13 - HackMD

IP-COM M50 V15.11.0.33(10768) was discovered to contain a buffer overflow via the picName parameter in the formDelWewifiPic function.

CVE-2022-45706: ip-com-7 - HackMD

IP-COM M50 V15.11.0.33(10768) was discovered to contain a buffer overflow via the hostname parameter in the formSetNetCheckTools function.