CVE-2021-38451

Severity CVSS v4.0:
Pending analysis
Type:
CWE-125 Out-of-bounds Read
Publication date:
22/10/2021
Last modified:
27/10/2021

Description

The affected product’s proprietary protocol CSC allows for calling numerous function codes. In order to call those function codes, the user must supply parameters. There is no sanitation on the value of the offset, which allows the client to specify any offset and read out-of-bounds data.

Vulnerable products and versions

CPE From Up to
cpe:2.3:a:auvesy:versiondog:*:*:*:*:*:*:*:* 8.0.0 (excluding)


References to Advisories, Solutions, and Tools