Vulnerabilities > CVE-2016-10273 - Out-of-bounds Write vulnerability in Jensenofscandinavia products

CVSS 9.0 - CRITICAL

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

SINGLE

Confidentiality impact

COMPLETE

Integrity impact

COMPLETE

Availability impact

COMPLETE

network

low complexity

jensenofscandinavia

CWE-787

critical

NVD

Published: 2017-03-26

Updated: 2021-09-13

Summary

Multiple stack buffer overflow vulnerabilities in Jensen of Scandinavia AS Air:Link 3G (AL3G) version 2.23m (Rev. 3), Air:Link 5000AC (AL5000AC) version 1.13, and Air:Link 59300 (AL59300) version 1.04 (Rev. 4) devices allow remote attackers to execute arbitrary code or crash the web service via the (1) ateFunc, (2) ateGain, (3) ateTxCount, (4) ateChan, (5) ateRate, (6) ateMacID, (7) e2pTxPower1, (8) e2pTxPower2, (9) e2pTxPower3, (10) e2pTxPower4, (11) e2pTxPower5, (12) e2pTxPower6, (13) e2pTxPower7, (14) e2pTx2Power1, (15) e2pTx2Power2, (16) e2pTx2Power3, (17) e2pTx2Power4, (18) e2pTx2Power5, (19) e2pTx2Power6, (20) e2pTx2Power7, (21) ateTxFreqOffset, (22) ateMode, (23) ateBW, (24) ateAntenna, (25) e2pTxFreqOffset, (26) e2pTxPwDeltaB, (27) e2pTxPwDeltaG, (28) e2pTxPwDeltaMix, (29) e2pTxPwDeltaN, and (30) readE2P parameters of the /goform/formWlanMP endpoint.

Vulnerable Configurations

Part	Description	Count
OS	Jensenofscandinavia Jensenofscandinavia Air Link_3G_Firmware Jensenofscandinavia Air Link_5000Ac_Firmware Jensenofscandinavia Air Link_59300_Firmware	3
Hardware	Jensenofscandinavia Jensenofscandinavia Air Link_3G Jensenofscandinavia Air Link_5000Ac Jensenofscandinavia Air Link_59300	3

Common Weakness Enumeration (CWE)

CWE-787 - Out-of-bounds Write

References

https://www.riskbasedsecurity.com/research/RBS-2016-004.pdf