漏洞描述
Buffer overflow in XiongMai uc-httpd 1.0.0 has unspecified impact and attack vectors, a different vulnerability than CVE-2017-16725.
CVE-2018-10088: XiongMai uc-httpd 1.0.0 - Buffer Overflow
PoC代码[已公开]
id: CVE-2018-10088
info:
name: XiongMai uc-httpd 1.0.0 - Buffer Overflow
author: 0x_Akoko
severity: critical
description: |
Buffer overflow in XiongMai uc-httpd 1.0.0 has unspecified impact and attack vectors, a different vulnerability than CVE-2017-16725.
impact: |
Potential for remote code execution or denial of service when successfully exploited.
remediation: |
Update to the latest version of uc-httpd or apply security patches provided by the vendor.
reference:
- https://nvd.nist.gov/vuln/detail/CVE-2018-10088
- https://www.exploit-db.com/exploits/44864
- https://github.com/bitfu/uc-httpd-1.0.0-buffer-overflow-exploit
- https://github.com/KostasEreksonas/Besder-6024PB-XMA501-ip-camera-security-investigation
classification:
cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
cvss-score: 9.8
cve-id: CVE-2018-10088
cwe-id: CWE-119
epss-score: 0.8435
epss-percentile: 0.99269
cpe: cpe:2.3:a:xiongmaitech:uc-httpd:1.0.0:*:*:*:*:*:*:*
metadata:
verified: true
max-request: 1
vendor: xiongmaitech
product: uc-httpd
shodan-query: cpe:"cpe:2.3:a:xiongmaitech:uc-httpd"
tags: cve,cve2018,xiongmai,buffer-overflow,rce,passive,vkev,vuln
http:
- method: GET
path:
- "{{BaseURL}}"
matchers:
- type: dsl
dsl:
- "status_code == 200"
- "contains(tolower(header), 'uc-httpd')"
- "compare_versions(version, '<= 1.0.0')"
condition: and
extractors:
- type: regex
name: version
part: header
group: 1
regex:
- '(?i)Server:\s*uc-httpd[/\s]+([0-9]+\.[0-9]+\.[0-9]+)'
internal: true
- type: dsl
dsl:
- 'version'
# digest: 4a0a004730450220467658f07ebd50ccbc43953210c56b9a5e5be5a7726626a2269ae132f8ef936d022100e31b8a82959cf81a5ff33f8b188955b143312e47433e83103e001794925b8c17:922c64590222798bb761d5b6d8e72950