Vulnerabilities > CVE-2021-35392 - Out-of-bounds Write vulnerability in Realtek Jungle SDK
Attack vector
NETWORK Attack complexity
LOW Privileges required
NONE Confidentiality impact
NONE Integrity impact
NONE Availability impact
HIGH Summary
Realtek Jungle SDK version v2.x up to v3.4.14B provides a 'WiFi Simple Config' server that implements both UPnP and SSDP protocols. The binary is usually named wscd or mini_upnpd and is the successor to miniigd. The server is vulnerable to a heap buffer overflow that is present due to unsafe crafting of SSDP NOTIFY messages from received M-SEARCH messages ST header.
Vulnerable Configurations
Part | Description | Count |
---|---|---|
Application | 1 |
Common Weakness Enumeration (CWE)
References
- https://www.iot-inspector.com/blog/advisory-multiple-issues-realtek-sdk-iot-supply-chain
- https://www.iot-inspector.com/blog/advisory-multiple-issues-realtek-sdk-iot-supply-chain
- https://www.realtek.com/en/cu-1-en/cu-1-taiwan-en
- https://www.realtek.com/en/cu-1-en/cu-1-taiwan-en
- https://www.realtek.com/images/safe-report/Realtek_APRouter_SDK_Advisory-CVE-2021-35392_35395.pdf
- https://www.realtek.com/images/safe-report/Realtek_APRouter_SDK_Advisory-CVE-2021-35392_35395.pdf