CVE-2018-19442

A Buffer Overflow in Network::AuthenticationClient::VerifySignature in /bin/astro in Neato Botvac Connected 2.2.0 allows a remote attacker to execute arbitrary code with root privileges via a crafted POST request to a vendors/neato/robots/[robot_serial]/messages Neato cloud URI on the nucleo.neatocloud.com web site (port 4443).
Advertisement

NeevaHost hosting service

Configurations

Configuration 1 (hide)

AND
cpe:2.3:o:neatorobotics:botvac_connected_firmware:2.2.0:*:*:*:*:*:*:*
cpe:2.3:h:neatorobotics:botvac_connected:-:*:*:*:*:*:*:*

Information

Published : 2019-04-25 10:29

Updated : 2020-01-22 08:15


NVD link : CVE-2018-19442

Mitre link : CVE-2018-19442


JSON object : View

CWE
CWE-119

Improper Restriction of Operations within the Bounds of a Memory Buffer

Advertisement

dedicated server usa

Products Affected

neatorobotics

  • botvac_connected_firmware
  • botvac_connected