Vulnerabilities > CVE-2019-6963 - Out-of-bounds Write vulnerability in Rdkcentral Rdkb Ccsppandm Rdkb201812171
Attack vector
NETWORK Attack complexity
LOW Privileges required
SINGLE Confidentiality impact
PARTIAL Integrity impact
PARTIAL Availability impact
PARTIAL Summary
A heap-based buffer overflow in cosa_dhcpv4_dml.c in the RDK RDKB-20181217-1 CcspPandM module may allow attackers with login credentials to achieve remote code execution by crafting a long buffer in the "Comment" field of an IP reservation form in the admin panel. This is related to the CcspCommonLibrary module.
Vulnerable Configurations
Part | Description | Count |
---|---|---|
Application | 1 |