← Back

Rdkcentral

rdkcentral

48 CVEs • 3 products

Products (3)

Click to collapse
Toggle
Rdk B
rdk-b
42 CVEs
Rdkb Ccsppandm
rdkb_ccsppandm
4 CVEs
Rdkb
rdkb
2 CVEs

CVEs (48)

CVE
VENDORS
PRODUCTS
UPDATED
PUBLISHED
CVSS
CVE-2023-20796
4Google
LinuxfoundationOpenwrt+1 more
4Android
OpenwrtRdk B+1 more
Nov 21, 2024
Aug 7, 2023
N/A· v4
4.4 MEDIUM· v3
N/A· v2
In power, there is a possible memory corruption due to an incorrect bounds check. This could lead to local denial of service with System execution privileges needed. User interaction is not needed for exploitation. Patch...Show more
In power, there is a possible memory corruption due to an incorrect bounds check. This could lead to local denial of service with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07929790; Issue ID: ALPS07929790.Show less
CVE-2023-20790
4Google
LinuxfoundationOpenwrt+1 more
4Android
OpenwrtRdk B+1 more
Nov 21, 2024
Aug 7, 2023
N/A· v4
4.4 MEDIUM· v3
N/A· v2
In nvram, there is a possible out of bounds write due to a missing bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. P...Show more
In nvram, there is a possible out of bounds write due to a missing bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07740194; Issue ID: ALPS07740194.Show less
CVE-2023-20725
3Google
OpenwrtRdkcentral
3Android
OpenwrtRdk B
Jan 7, 2025
Jun 6, 2023
N/A· v4
6.7 MEDIUM· v3
N/A· v2
In preloader, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitati...Show more
In preloader, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07734004 / ALPS07874358 (For MT6880, MT6890, MT6980, MT6990 only); Issue ID: ALPS07734004 / ALPS07874358 (For MT6880, MT6890, MT6980, MT6990 only).Show less
CVE-2023-20726
4Google
LinuxfoundationOpenwrt+1 more
4Android
OpenwrtRdkb+1 more
Jan 24, 2025
May 15, 2023
N/A· v4
3.3 LOW· v3
N/A· v2
In mnld, there is a possible leak of GPS location due to a missing permission check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for expl...Show more
In mnld, there is a possible leak of GPS location due to a missing permission check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07735968 / ALPS07884552 (For MT6880, MT6890, MT6980, MT6980D and MT6990 only); Issue ID: ALPS07735968 / ALPS07884552 (For MT6880, MT6890, MT6980, MT6980D and MT6990 only).Show less
CVE-2019-6964
1Rdkcentral
1Rdkb Ccsppandm
Nov 21, 2024
Jun 20, 2019
N/A· v4
8.8 HIGH· v3
6.5 MEDIUM· v2
A heap-based buffer over-read in Service_SetParamStringValue in cosa_x_cisco_com_ddns_dml.c of the RDK RDKB-20181217-1 CcspPandM module may allow attackers with login credentials to achieve information disclosure and cod...Show more
A heap-based buffer over-read in Service_SetParamStringValue in cosa_x_cisco_com_ddns_dml.c of the RDK RDKB-20181217-1 CcspPandM module may allow attackers with login credentials to achieve information disclosure and code execution by crafting an AJAX call responsible for DDNS configuration with an exactly 64-byte username, password, or domain, for which the buffer size is insufficient for the final '\0' character. This is related to the CcspCommonLibrary and WebUI modules.Show less
CVE-2019-6963
1Rdkcentral
1Rdkb Ccsppandm
Nov 21, 2024
Jun 20, 2019
N/A· v4
8.8 HIGH· v3
6.5 MEDIUM· v2
A heap-based buffer overflow in cosa_dhcpv4_dml.c in the RDK RDKB-20181217-1 CcspPandM module may allow attackers with login credentials to achieve remote code execution by crafting a long buffer in the "Comment" field o...Show more
A heap-based buffer overflow in cosa_dhcpv4_dml.c in the RDK RDKB-20181217-1 CcspPandM module may allow attackers with login credentials to achieve remote code execution by crafting a long buffer in the "Comment" field of an IP reservation form in the admin panel. This is related to the CcspCommonLibrary module.Show less
CVE-2019-6962
1Rdkcentral
1Rdkb Ccsppandm
Nov 21, 2024
Jun 20, 2019
N/A· v4
7.5 HIGH· v3
8.5 HIGH· v2
A shell injection issue in cosa_wifi_apis.c in the RDK RDKB-20181217-1 CcspWifiAgent module allows attackers with login credentials to execute arbitrary shell commands under the CcspWifiSsp process (running as root) if t...Show more
A shell injection issue in cosa_wifi_apis.c in the RDK RDKB-20181217-1 CcspWifiAgent module allows attackers with login credentials to execute arbitrary shell commands under the CcspWifiSsp process (running as root) if the platform was compiled with the ENABLE_FEATURE_MESHWIFI macro. The attack is conducted by changing the Wi-Fi network password to include crafted escape characters. This is related to the WebUI module.Show less
CVE-2019-6961
1Rdkcentral
1Rdkb Ccsppandm
Nov 21, 2024
Jun 20, 2019
N/A· v4
6.5 MEDIUM· v3
4.0 MEDIUM· v2
Incorrect access control in actionHandlerUtility.php in the RDK RDKB-20181217-1 WebUI module allows a logged in user to control DDNS, QoS, RIP, and other privileged configurations (intended only for the network operator)...Show more
Incorrect access control in actionHandlerUtility.php in the RDK RDKB-20181217-1 WebUI module allows a logged in user to control DDNS, QoS, RIP, and other privileged configurations (intended only for the network operator) by sending an HTTP POST to the PHP backend, because the page filtering for non-superuser (in header.php) is done only for GET requests and not for direct AJAX calls.Show less