Vulnerabilities > CVE-2022-43294 - Out-of-bounds Write vulnerability in Tasmota Project Tasmota

CVSS 9.8 - CRITICAL

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

HIGH

Integrity impact

HIGH

Availability impact

HIGH

network

low complexity

tasmota-project

CWE-787

critical

NVD

Published: 2022-11-14

Updated: 2023-01-12

Summary

Tasmota before commit 066878da4d4762a9b6cb169fdf353e804d735cfd was discovered to contain a stack overflow via the ClientPortPtr parameter at lib/libesp32/rtsp/CRtspSession.cpp.

Vulnerable Configurations

Part	Description	Count
OS	Tasmota_Project Tasmota Project Tasmota *	1

Common Weakness Enumeration (CWE)

CWE-787 - Out-of-bounds Write

References

https://github.com/arendst/Tasmota/pull/16802
https://github.com/arendst/Tasmota/pull/16802/commits/066878da4d4762a9b6cb169fdf353e804d735cfd