Vulnerabilities (Page 4)

Couple OOB Writes in Anker Eufy Homebase 2

In the recv_server-device_response_msg_process() handler, a nums field gets pulled out of the packet’s JSON payload, and is used to represent the total number of UDP server domains.The application then iterates based on this field, looking for its respective domain%d key in the JSON…

 
2
3
4
5
6
7
8