Vulnerabilities > Realtek > Critical
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-08-01 | CVE-2022-27255 | Improper Input Validation vulnerability in Realtek Ecos Msdk Firmware and Ecos Rsdk Firmware In Realtek eCos RSDK 1.5.7p1 and MSDK 4.9.4p1, the SIP ALG function that rewrites SDP data has a stack-based buffer overflow. | 9.8 |
| 2021-12-22 | CVE-2021-39306 | Out-of-bounds Write vulnerability in Realtek Rtl8195Am Firmware 2.0.10/2.0.6 A stack buffer overflow was discovered on Realtek RTL8195AM device before 2.0.10, it exists in the client code when an attacker sends a big size Authentication challenge text in WEP security. | 9.8 |
| 2021-11-11 | CVE-2021-43573 | Classic Buffer Overflow vulnerability in Realtek Rtl8195Am Firmware 2.0.10/2.0.6 A buffer overflow was discovered on Realtek RTL8195AM devices before 2.0.10. | 9.8 |
| 2021-08-16 | CVE-2021-35393 | Out-of-bounds Write vulnerability in Realtek Jungle SDK Realtek Jungle SDK version v2.x up to v3.4.14B provides a 'WiFi Simple Config' server that implements both UPnP and SSDP protocols. | 9.8 |
| 2021-08-16 | CVE-2021-35394 | Unspecified vulnerability in Realtek Jungle SDK Realtek Jungle SDK version v2.x up to v3.4.14B provides a diagnostic tool called 'MP Daemon' that is usually compiled as 'UDPServer' binary. | 9.8 |
| 2021-08-16 | CVE-2021-35395 | Unspecified vulnerability in Realtek Jungle SDK Realtek Jungle SDK version v2.x up to v3.4.14B provides an HTTP web server exposing a management interface that can be used to configure the access point. | 9.8 |
| 2021-03-25 | CVE-2021-27372 | Insufficiently Protected Credentials vulnerability in Realtek Xpon Rtl9601D Software Development KIT 1.9 Realtek xPON RTL9601D SDK 1.9 stores passwords in plaintext which may allow attackers to possibly gain access to the device with root permissions via the build-in network monitoring tool and execute arbitrary commands. | 9.8 |
| 2015-05-01 | CVE-2014-8361 | The miniigd SOAP service in Realtek SDK allows remote attackers to execute arbitrary code via a crafted NewInternalClient request, as exploited in the wild through 2023. | 9.8 |