RSS   Vulnerabilities for 'Aeroadmin'   RSS

2017-07-02
 
CVE-2017-8894

 

 
AeroAdmin 4.1 uses an insecure protocol (HTTP) to perform software updates. An attacker can hijack an update via man-in-the-middle in order to execute code in the machine.

 
 
CVE-2017-8893

 

 
AeroAdmin 4.1 uses a function to copy data between two pointers where the size of the data copied is taken directly from a network packet. This can cause a buffer overflow and denial of service.

 


Copyright 2018, cxsecurity.com

 

Back to Top