Sth Eth 250 Firmware
CVE-2018-3894
HIGH
Severity by source
AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Primary rating from NVD · only source for this CVE.
CVSS VectorNVD
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Lifecycle Timeline
1DescriptionNVD
An exploitable buffer overflow vulnerability exists in the /cameras/XXXX/clips handler of video-core's HTTP server of Samsung SmartThings Hub STH-ETH-250-Firmware version 0.20.17. The strncpy call overflows the destination buffer, which has a size of 52 bytes. An attacker can send an arbitrarily long "startTime" value in order to exploit this vulnerability.
AnalysisAI
An exploitable buffer overflow vulnerability exists in the /cameras/XXXX/clips handler of video-core's HTTP server of Samsung SmartThings Hub STH-ETH-250-Firmware version 0.20.17. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.
Technical ContextAI
This vulnerability is classified as Buffer Copy without Size Check (CWE-120), which allows attackers to overflow a buffer to corrupt adjacent memory. An exploitable buffer overflow vulnerability exists in the /cameras/XXXX/clips handler of video-core's HTTP server of Samsung SmartThings Hub STH-ETH-250-Firmware version 0.20.17. The strncpy call overflows the destination buffer, which has a size of 52 bytes. An attacker can send an arbitrarily long "startTime" value in order to exploit this vulnerability. Affected products include: Samsung Sth-Eth-250 Firmware. Version information: version 0.20.17..
RemediationAI
No vendor patch is available at time of analysis. Monitor vendor advisories for updates. Always validate buffer sizes before copy operations. Use bounded functions (strncpy, snprintf). Enable compiler protections.
More in Sth Eth 250 Firmware
View allAn exploitable vulnerability exists in the REST parser of video-core's HTTP server of the Samsung SmartThings Hub STH-ET
An exploitable buffer overflow vulnerability exists in the credentials handler of video-core's HTTP server of Samsung Sm
An exploitable buffer overflow vulnerability exists in the credentials handler of video-core's HTTP server of Samsung Sm
An exploitable buffer overflow vulnerability exists in the credentials handler of video-core's HTTP server of Samsung Sm
An exploitable buffer overflow vulnerability exists in the credentials handler of video-core's HTTP server of Samsung Sm
An exploitable buffer overflow vulnerability exists in the camera 'update' feature of video-core's HTTP server of Samsun
An exploitable stack-based buffer overflow vulnerability exists in the database 'find-by-cameraId' functionality of vide
An exploitable buffer overflow vulnerability exists in the credentials handler of video-core's HTTP server of Samsung Sm
An exploitable buffer overflow vulnerability exists in the samsungWifiScan handler of video-core's HTTP server of Samsun
An exploitable vulnerability exists in the smart cameras RTSP configuration of the Samsung SmartThings Hub STH-ETH-250 -
An exploitable buffer overflow vulnerability exists in the remote video-host communication of video-core's HTTP server o
An exploitable stack-based buffer overflow vulnerability exists in the retrieval of database fields in video-core's HTTP
Same weakness CWE-120 – Classic Buffer Overflow
View allSame technique Buffer Overflow
View allShare
External POC / Exploit Code
Leaving vuln.today