A buffer overflow vulnerability in the AT command interface of Gigaset DX600A v41.00-175 devices allows remote attackers to force a device reboot by sending relatively long AT commands.
References
Configurations
Configuration 1 (hide)
AND |
|
History
08 Mar 2021, 15:41
Type | Values Removed | Values Added |
---|---|---|
CVSS |
v2 : v3 : |
v2 : 7.8
v3 : 7.5 |
CPE | cpe:2.3:o:gigaset:dx600a_firmware:v41.00-175:*:*:*:*:*:*:* cpe:2.3:h:gigaset:dx600a:-:*:*:*:*:*:*:* |
|
References | (MISC) https://research.nccgroup.com/2021/02/28/technical-advisory-administrative-passcode-recovery-and-authenticated-remote-buffer-overflow-vulnerabilities-in-gigaset-dx600a-handset-cve-2021-25309-cve-2021-25306/ - Third Party Advisory | |
CWE | CWE-120 |
02 Mar 2021, 01:15
Type | Values Removed | Values Added |
---|---|---|
New CVE |
Information
Published : 2021-03-02 01:15
Updated : 2023-12-10 13:41
NVD link : CVE-2021-25306
Mitre link : CVE-2021-25306
CVE.ORG link : CVE-2021-25306
JSON object : View
Products Affected
gigaset
- dx600a
- dx600a_firmware
CWE
CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')