Index
Bugtraq
Pełna lista
Błędy
Sztuczki
Exploity
Dorks list
Tylko z CVE
Tylko z CWE
Bogus
Ranking
CVEMAP
Świeża lista CVE
Producenci
Produkty
Słownik CWE
Sprawdź nr. CVE
Sprawdź nr. CWE
Szukaj
W Bugtraq
W bazie CVE
Po autorze
Po nr. CVE
Po nr. CWE
Po producencie
Po produkcie
RSS
Bugtraq
CVEMAP
CVE Produkty
Tylko Błędy
Tylko Exploity
Tylko Dorks
Więcej
cIFrex
Facebook
Twitter
Donate
O bazie
Lang
Polish
English
Submit
Podatności dla
'Ic module cma'
2021-12-22
CVE-2021-21901
CWE-787
A stack-based buffer overflow vulnerability exists in the CMA check_udp_crc function of Garrett Metal Detectors�?? iC Module CMA Version 5.0. A specially-crafted packet can lead to a stack-based buffer overflow during a call to memcpy. An attacker can send a malicious packet to trigger this vulnerability.
CVE-2021-21902
CWE-287
An authentication bypass vulnerability exists in the CMA run_server_6877 functionality of Garrett Metal Detectors iC Module CMA Version 5.0. A properly-timed network connection can lead to authentication bypass via session hijacking. An attacker can send a sequence of requests to trigger this vulnerability.
CVE-2021-21903
CWE-787
A stack-based buffer overflow vulnerability exists in the CMA check_udp_crc function of Garrett Metal Detectors�?? iC Module CMA Version 5.0. A specially-crafted packet can lead to a stack-based buffer overflow during a call to strcpy. An attacker can send a malicious packet to trigger this vulnerability.
CVE-2021-21904
CWE-22
A directory traversal vulnerability exists in the CMA CLI setenv command of Garrett Metal Detectors�?? iC Module CMA Version 5.0. An attacker can provide malicious input to trigger this vulnerability
CVE-2021-21905
CWE-787
Stack-based buffer overflow vulnerability exists in how the CMA readfile function of Garrett Metal Detectors iC Module CMA Version 5.0 is used at various locations. The Garrett iC Module exposes an authenticated CLI over TCP port 6877. This interface is used by a secondary GUI client, called �??CMA Connect�?�, to interact with the iC Module on behalf of the user. After a client successfully authenticates, they can send plaintext commands to manipulate the device.
CVE-2021-21906
CWE-787
Stack-based buffer overflow vulnerability exists in how the CMA readfile function of Garrett Metal Detectors iC Module CMA Version 5.0 is used at various locations. The Garrett iC Module exposes an authenticated CLI over TCP port 6877. This interface is used by a secondary GUI client, called �??CMA Connect�?�, to interact with the iC Module on behalf of the user. Every time a user submits a password to the CLI password prompt, the buffer containing their input is passed as the password parameter to the checkPassword function.
CVE-2021-21907
CWE-22
A directory traversal vulnerability exists in the CMA CLI getenv command functionality of Garrett Metal Detectors�?? iC Module CMA Version 5.0. A specially-crafted command line argument can lead to local file inclusion. An attacker can provide malicious input to trigger this vulnerability.
Copyright
2024
, cxsecurity.com
Back to Top
Podatności dla 'Ic module cma' 
Polish
English