Filtered by vendor Aeroadmin
Subscribe
Total
2 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2017-8894 | 1 Aeroadmin | 1 Aeroadmin | 2017-07-07 | 6.8 MEDIUM | 8.1 HIGH |
AeroAdmin 4.1 uses an insecure protocol (HTTP) to perform software updates. An attacker can hijack an update via man-in-the-middle in order to execute code in the machine. | |||||
CVE-2017-8893 | 1 Aeroadmin | 1 Aeroadmin | 2017-07-07 | 5.0 MEDIUM | 7.5 HIGH |
AeroAdmin 4.1 uses a function to copy data between two pointers where the size of the data copied is taken directly from a network packet. This can cause a buffer overflow and denial of service. |