QwikSec

Security Database

CVE

CWE

Training

CVE-2018-19524

Published: Mar 17, 2019

Modified: Aug 5, 2024

PUBLISHED

Description

An issue was discovered on Shenzhen Skyworth DT741 Converged Intelligent Terminal (G/EPON+IPTV) SDOTBGN1, DT721-cb SDOTBGN1, and DT741-cb SDOTBGN1 devices. A long password to the Web_passwd function allows remote attackers to cause a denial of service (segmentation fault) or achieve unauthenticated remote code execution because of control of registers S0 through S4 and T4 through T7.

Vendor	Product	Versions
n/a	n/a	affected `n/a`

References

20190210 KSA-DEV-001: CVE-2018-19524 : StackOverflow in Multiple Skyworth GPON HomeGateways and Optical Network terminals.

mailing-list

x_refsource_BUGTRAQ

exploit

x_refsource_EXPLOIT-DB

https://s3curityb3ast.github.io/KSA-Dev-001.md

x_refsource_MISC

http://packetstormsecurity.com/files/151608/Skyworth-GPON-HomeGateways-Optical-Network-Stack-Overflow.html

x_refsource_MISC

20190212 KSA-DEV-001: CVE-2018-19524 : StackOverflow in Multiple Skyworth GPON HomeGateways and Optical Network terminals.

mailing-list

x_refsource_FULLDISC

https://www.breakthesec.com/2019/02/cve-2018-19524-stack-overflow-in.html

x_refsource_MISC

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.