Vulnerabilities > CVE-2023-31470 - Out-of-bounds Write vulnerability in Smartdns Project Smartdns

CVSS 9.8 - CRITICAL

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

HIGH

Integrity impact

HIGH

Availability impact

HIGH

network

low complexity

smartdns-project

CWE-787

critical

NVD

Published: 2023-04-28

Updated: 2023-05-08

Summary

SmartDNS through 41 before 56d0332 allows an out-of-bounds write because of a stack-based buffer overflow in the _dns_encode_domain function in the dns.c file, via a crafted DNS request.

Vulnerable Configurations

Part	Description	Count
Application	Smartdns_Project Smartdns Project Smartdns - Smartdns Project Smartdns 18 Smartdns Project Smartdns 20 Smartdns Project Smartdns 21 Smartdns Project Smartdns 22 Smartdns Project Smartdns 23 Smartdns Project Smartdns 24 Smartdns Project Smartdns 25 Smartdns Project Smartdns 26 Smartdns Project Smartdns 27 Smartdns Project Smartdns 28 Smartdns Project Smartdns 29 Smartdns Project Smartdns 30 Smartdns Project Smartdns 31 Smartdns Project Smartdns 32 Smartdns Project Smartdns 33 Smartdns Project Smartdns 34 Smartdns Project Smartdns 35 Smartdns Project Smartdns 36 Smartdns Project Smartdns 36.1 Smartdns Project Smartdns 37 Smartdns Project Smartdns 37.1 Smartdns Project Smartdns 37.2 Smartdns Project Smartdns 38 Smartdns Project Smartdns 38.1 Smartdns Project Smartdns 39 Smartdns Project Smartdns 40 Smartdns Project Smartdns 41	38

Common Weakness Enumeration (CWE)

CWE-787 - Out-of-bounds Write

Summary

Vulnerable Configurations

Common Weakness Enumeration (CWE)

References