Due to a lack of bounds checking, several input configuration fields for the Eview EV-07S GPS Tracker will overflow data stored in one variable to another, overwriting the data of another field.
References
Link | Resource |
---|---|
https://community.rapid7.com/community/infosec/blog/2017/03/27/r7-2015-28-multiple-eview-ev-07s-gps-tracker-vulnerabilities | Third Party Advisory VDB Entry |
http://www.securityfocus.com/bid/97194 |
Configurations
Configuration 1 (hide)
AND |
|
Information
Published : 2017-03-27 14:59
Updated : 2017-03-30 18:59
NVD link : CVE-2017-5238
Mitre link : CVE-2017-5238
JSON object : View
CWE
CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
Products Affected
eviewgps
- ev-07s_gps_tracker_firmware
- ev-07s_gps_tracker