Filtered by vendor Realtek
Subscribe
Total
43 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2008-5664 | 1 Realtek | 1 Realtek Media Player | 2024-02-14 | 9.3 HIGH | N/A |
Stack-based buffer overflow in Realtek Media Player (aka Realtek Sound Manager, RtlRack, or rtlrack.exe) 1.15.0.0 allows remote attackers to execute arbitrary code via a crafted playlist (PLA) file. | |||||
CVE-2020-26652 | 1 Realtek | 2 Rtl8812au, Rtl8812au Firmware | 2023-12-10 | N/A | 7.5 HIGH |
An issue was discovered in function nl80211_send_chandef in rtl8812au v5.6.4.2 allows attackers to cause a denial of service. | |||||
CVE-2022-32966 | 1 Realtek | 2 Rtl8111fp-cg, Rtl8111fp-cg Firmware | 2023-12-10 | N/A | 6.5 MEDIUM |
RTL8168FP-CG Dash remote management function has missing authorization. An unauthenticated attacker within the adjacent network can connect to DASH service port to disrupt service. | |||||
CVE-2022-40740 | 1 Realtek | 2 Usdk, Xpon Software Development Kit | 2023-12-10 | N/A | 7.2 HIGH |
Realtek GPON router has insufficient filtering for special characters. A remote attacker authenticated as an administrator can exploit this vulnerability to perform command injection attacks, to execute arbitrary system command, manipulate system or disrupt service. | |||||
CVE-2022-32967 | 1 Realtek | 4 Rtl8111ep-cg, Rtl8111ep-cg Firmware, Rtl8111fp-cg and 1 more | 2023-12-10 | N/A | 2.1 LOW |
RTL8111EP-CG/RTL8111FP-CG DASH function has hard-coded password. An unauthenticated physical attacker can use the hard-coded default password during system reboot triggered by other user, to acquire partial system information such as serial number and server information. | |||||
CVE-2022-25635 | 3 Google, Linux, Realtek | 3 Android, Linux Kernel, Bluetooth Mesh Software Development Kit | 2023-12-10 | N/A | 6.5 MEDIUM |
Realtek Linux/Android Bluetooth Mesh SDK has a buffer overflow vulnerability due to insufficient validation for broadcast network packet length. An unauthenticated attacker in the adjacent network can exploit this vulnerability to disrupt service. | |||||
CVE-2022-26528 | 3 Google, Linux, Realtek | 3 Android, Linux Kernel, Bluetooth Mesh Software Development Kit | 2023-12-10 | N/A | 6.5 MEDIUM |
Realtek Linux/Android Bluetooth Mesh SDK has a buffer overflow vulnerability due to insufficient validation for the length of segmented packets’ shift parameter. An unauthenticated attacker in the adjacent network can exploit this vulnerability to cause buffer overflow and disrupt service. | |||||
CVE-2022-34326 | 1 Realtek | 2 Rtl8195am, Rtl8195am Firmware | 2023-12-10 | N/A | 7.5 HIGH |
In ambiot amb1_sdk (aka SDK for Ameba1) before 2022-06-20 on Realtek RTL8195AM devices before 284241d70308ff2519e40afd7b284ba892c730a3, the timer task and RX task would be locked when there are frequent and continuous Wi-Fi connection (with four-way handshake) failures in Soft AP mode. | |||||
CVE-2022-27255 | 1 Realtek | 4 Ecos Msdk, Ecos Msdk Firmware, Ecos Rsdk and 1 more | 2023-12-10 | 7.5 HIGH | 9.8 CRITICAL |
In Realtek eCos RSDK 1.5.7p1 and MSDK 4.9.4p1, the SIP ALG function that rewrites SDP data has a stack-based buffer overflow. This allows an attacker to remotely execute code without authentication via a crafted SIP packet that contains malicious SDP data. | |||||
CVE-2022-29558 | 1 Realtek | 1 Rtl819x Software Development Kit | 2023-12-10 | N/A | 8.8 HIGH |
Realtek rtl819x-SDK before v3.6.1 allows command injection over the web interface. | |||||
CVE-2022-26527 | 3 Google, Linux, Realtek | 3 Android, Linux Kernel, Bluetooth Mesh Software Development Kit | 2023-12-10 | N/A | 6.5 MEDIUM |
Realtek Linux/Android Bluetooth Mesh SDK has a buffer overflow vulnerability due to insufficient validation for the size of segmented packets’ reference parameter. An unauthenticated attacker in the adjacent network can exploit this vulnerability to cause buffer overflow and disrupt service. | |||||
CVE-2022-26529 | 3 Google, Linux, Realtek | 3 Android, Linux Kernel, Bluetooth Mesh Software Development Kit | 2023-12-10 | N/A | 6.5 MEDIUM |
Realtek Linux/Android Bluetooth Mesh SDK has a buffer overflow vulnerability due to insufficient validation for segmented packets’ link parameter. An unauthenticated attacker in the adjacent network can exploit this vulnerability to cause buffer overflow and disrupt service. | |||||
CVE-2022-21742 | 1 Realtek | 14 Rtl8152b, Rtl8152b Firmware, Rtl8153 and 11 more | 2023-12-10 | 3.3 LOW | 6.5 MEDIUM |
Realtek USB driver has a buffer overflow vulnerability due to insufficient parameter length verification in the API function. An unauthenticated LAN attacker can exploit this vulnerability to disrupt services. | |||||
CVE-2021-36925 | 1 Realtek | 1 Rtsupx Usb Utility Driver | 2023-12-10 | 7.2 HIGH | 7.8 HIGH |
RtsUpx.sys in Realtek RtsUpx USB Utility Driver for Camera/Hub/Audio through 1.14.0.0 allows local low-privileged users to achieve an arbitrary read or write operation from/to physical memory (leading to Escalation of Privileges, Denial of Service, Code Execution, and Information Disclosure) via a crafted Device IO Control packet to a device. | |||||
CVE-2021-36924 | 1 Realtek | 1 Rtsupx Usb Utility Driver | 2023-12-10 | 7.2 HIGH | 7.8 HIGH |
RtsUpx.sys in Realtek RtsUpx USB Utility Driver for Camera/Hub/Audio through 1.14.0.0 allows local low-privileged users to achieve a pool overflow (leading to Escalation of Privileges, Denial of Service, and Code Execution) via a crafted Device IO Control packet to a device. | |||||
CVE-2021-43573 | 1 Realtek | 2 Rtl8195am, Rtl8195am Firmware | 2023-12-10 | 7.5 HIGH | 9.8 CRITICAL |
A buffer overflow was discovered on Realtek RTL8195AM devices before 2.0.10. It exists in the client code when processing a malformed IE length of HT capability information in the Beacon and Association response frame. | |||||
CVE-2021-39306 | 1 Realtek | 2 Rtl8195am, Rtl8195am Firmware | 2023-12-10 | 7.5 HIGH | 9.8 CRITICAL |
A stack buffer overflow was discovered on Realtek RTL8195AM device before 2.0.10, it exists in the client code when an attacker sends a big size Authentication challenge text in WEP security. | |||||
CVE-2021-36923 | 1 Realtek | 1 Rtsupx Usb Utility Driver | 2023-12-10 | 7.2 HIGH | 7.8 HIGH |
RtsUpx.sys in Realtek RtsUpx USB Utility Driver for Camera/Hub/Audio through 1.14.0.0 allows local low-privileged users to achieve unauthorized access to USB device privileged IN and OUT instructions (leading to Escalation of Privileges, Denial of Service, Code Execution, and Information Disclosure) via a crafted Device IO Control packet to a device. | |||||
CVE-2021-36922 | 1 Realtek | 1 Rtsupx Usb Utility Driver | 2023-12-10 | 7.2 HIGH | 7.8 HIGH |
RtsUpx.sys in Realtek RtsUpx USB Utility Driver for Camera/Hub/Audio through 1.14.0.0 allows local low-privileged users to achieve unauthorized access to USB devices (Escalation of Privileges, Denial of Service, Code Execution, and Information Disclosure) via a crafted Device IO Control packet to a device. | |||||
CVE-2021-35393 | 1 Realtek | 1 Realtek Jungle Sdk | 2023-12-10 | 10.0 HIGH | 9.8 CRITICAL |
Realtek Jungle SDK version v2.x up to v3.4.14B provides a 'WiFi Simple Config' server that implements both UPnP and SSDP protocols. The binary is usually named wscd or mini_upnpd and is the successor to miniigd. The server is vulnerable to a stack buffer overflow vulnerability that is present due to unsafe parsing of the UPnP SUBSCRIBE/UNSUBSCRIBE Callback header. Successful exploitation of this vulnerability allows remote unauthenticated attackers to gain arbitrary code execution on the affected device. |