CVE-2018-16596
Get alerts for future matching vulnerabilitiesLog in to subscribe
I. Basic Information for CVE-2018-16596
Vulnerability Information
Have questions about the vulnerability? See if Shenlong's analysis helps!
View Shenlong Deep Dive ↗ Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Description
A stack-based buffer overflow in the LAN UPnP service running on UDP port 1900 of Swisscom Internet-Box (2, Standard, and Plus) prior to v09.04.00 and Internet-Box light prior to v08.05.02 allows remote code execution. No authentication is required to exploit this vulnerability. Sending a simple UDP packet to port 1900 allows an attacker to execute code on a remote device. However, this is only possible if the attacker is inside the LAN. Because of ASLR, the success rate is not 100% and leads instead to a DoS of the UPnP service. The remaining functionality of the Internet Box is not affected. A reboot of the Internet Box is necessary to attempt the exploit again.
Source: NVD (National Vulnerability Database)
CVSS Information
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Type
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Title
Swisscom Internet-Box 缓冲区错误漏洞
Source: CNNVD (China National Vulnerability Database)
Vulnerability Description
Swisscom Internet-Box是瑞士Swisscom公司的一款路由器。 Swisscom Internet-Box中在UDP端口1900上运行的LAN UPnP服务存在基于栈的缓冲区溢出漏洞。远程攻击者可利用该漏洞执行代码。以下版本受到影响:Swisscom Internet-Box 2版本,Internet Box Standard版本,Internet Box Plus 09.04.00之前版本,Internet Box light 08.05.02之前版本。
Source: CNNVD (China National Vulnerability Database)
CVSS Information
N/A
Source: CNNVD (China National Vulnerability Database)
Vulnerability Type
N/A
Source: CNNVD (China National Vulnerability Database)
Affected Products
| Vendor | Product | Affected Versions | CPE | Subscribe |
|---|---|---|---|---|
| - | n/a | n/a | - |
II. Public POCs for CVE-2018-16596
| # | POC Description | Source Link | Shenlong Link |
|---|
AI-Generated POCPremium
No public POC found.
Login to generate AI POCIII. Intelligence Information for CVE-2018-16596
请登录查看更多情报信息。
Same Patch Batch · n/a · 2018-12-17 · 69 CVEs total
| CVE-2018-20172 | Nagios XI 跨站脚本漏洞 | |
| CVE-2018-20092 | PTC ThingWorx Platform 路径遍历漏洞 | |
| CVE-2018-20123 | QEMU 资源管理错误漏洞 | |
| CVE-2018-19976 | YARA 安全漏洞 | |
| CVE-2018-14854 | Samsung Galaxy S6 bcmdhd4358 Wi-Fi驱动程序缓冲区错误漏洞 | |
| CVE-2018-14853 | Samsung Galaxy S6 bcmdhd4358 Wi-Fi驱动程序安全漏洞 | |
| CVE-2018-14852 | Samsung Galaxy S6 bcmdhd4358 Wi-Fi驱动程序安全漏洞 | |
| CVE-2018-20186 | Bento4 安全漏洞 | |
| CVE-2018-20185 | GraphicsMagick 缓冲区错误漏洞 | |
| CVE-2018-20184 | GraphicsMagick 缓冲区错误漏洞 | |
| CVE-2018-14855 | Samsung Galaxy S6 bcmdhd4358 Wi-Fi驱动程序缓冲区错误漏洞 | |
| CVE-2018-20171 | Nagios XI 跨站脚本漏洞 | |
| CVE-2018-20027 | Pylearn2 安全漏洞 | |
| CVE-2018-19822 | Infovista VistaPortal SE 跨站脚本漏洞 | |
| CVE-2018-19821 | Infovista VistaPortal SE 跨站脚本漏洞 | |
| CVE-2018-19820 | Infovista VistaPortal SE 跨站脚本漏洞 | |
| CVE-2018-19819 | Infovista VistaPortal SE 跨站脚本漏洞 | |
| CVE-2018-19818 | Infovista VistaPortal SE 跨站脚本漏洞 | |
| CVE-2018-19817 | Infovista VistaPortal SE 跨站脚本漏洞 | |
| CVE-2018-19816 | Infovista VistaPortal SE 跨站脚本漏洞 |
Showing top 20 of 69 CVEs. View all on vendor page → →
IV. Related Vulnerabilities
V. Comments for CVE-2018-16596
No comments yet