CVE-2022-28381

Critical

Mediaserver.exe in ALLMediaServer 1.6 has a stack-based buffer overflow that allows remote attackers to execute arbitrary code via a long…

mitre·CWE-787·Published 2022-04-03

CVSS

9.8

EPSS

0.69

KEV

Exploits

cve.orgen

196 chars

Mediaserver.exe in ALLMediaServer 1.6 has a stack-based buffer overflow that allows remote attackers to execute arbitrary code via a long string to TCP port 888, a related issue to CVE-2017-17932.

NVDen

196 chars

Mediaserver.exe in ALLMediaServer 1.6 has a stack-based buffer overflow that allows remote attackers to execute arbitrary code via a long string to TCP port 888, a related issue to CVE-2017-17932.

El archivo Mediaserver.exe en ALLMediaServer versión 1.6, presenta un desbordamiento de búfer en la región stack de la memoria que permite a atacantes remotos ejecutar código arbitrario por medio de una cadena larga al puerto TCP 888, un problema relacionado con CVE-2017-17932

CVSS metrics across sources

Version	Type	Source	Base	Exp	Impact	Vector
2.0	Primary	NVD	10.0	10.0	10.0	AV:N/AC:L/Au:N/C:C/I:C/A:C
3.1	Primary	NVD	9.8	3.9	5.9	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H