cvedb.io
CVE-2022-1669
MEDIUM · CVSS 6.8
EPSS exploitation probability: 0%
Published 2022-05-24T18:15:08.353 · Last modified 2026-06-17T04:22:53.807

Summary

A buffer overflow vulnerability has been detected in the firewall function of the device management web portal. The device runs a CGI binary (index.cgi) to offer a management web application. Once authenticated with valid credentials in this web portal, a potential attacker could submit any "Address" value, which is then copied into a second variable by the unsafe "strcpy" function without any check on its length. As a result, a long address value can overflow the process stack and give the attacker control of the function return address.
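
The unchecked copy described above, next to a length-checked replacement, as an added example (not the vendor's code and not part of the NVD record). The buffer size ADDR_MAX, the function names, and the "Action" field in the sample request bodies are assumptions; only the "Address" field name comes from the summary.

```c
#include <stddef.h>
#include <stdio.h>
#include <string.h>

#define ADDR_MAX 64   /* assumed destination size; the real one is not published */

/* The pattern from the summary: copies until NUL, whatever dst can hold. */
void store_address_unsafe(char *dst, const char *value)
{
    strcpy(dst, value);
}

/* Hardened form: copy field `name` out of a urlencoded body into dst.
 * Returns 0 on success, -1 if the field is absent, -2 if the value would
 * not fit (rejected, never truncated). The raw length is checked, which is
 * conservative because percent-decoding can only shorten a value. */
int get_field(const char *body, const char *name, char *dst, size_t dst_size)
{
    size_t nlen = strlen(name);
    const char *p = body;

    while (p && *p) {
        const char *end = strchr(p, '&');
        size_t flen = end ? (size_t)(end - p) : strlen(p);

        if (flen > nlen && strncmp(p, name, nlen) == 0 && p[nlen] == '=') {
            size_t vlen = flen - nlen - 1;
            if (vlen >= dst_size)
                return -2;
            memcpy(dst, p + nlen + 1, vlen);
            dst[vlen] = '\0';
            return 0;
        }
        p = end ? end + 1 : NULL;
    }
    return -1;
}

int main(void)
{
    char addr[ADDR_MAX];
    char oversized[512] = "Action=add&Address=";      /* constructed input */
    memset(oversized + strlen(oversized), 'A', 300);

    int ok = get_field("Action=add&Address=10.0.0.5", "Address", addr, sizeof addr);
    printf("normal:    rc=%d value=%s\n", ok, ok == 0 ? addr : "-");
    printf("oversized: rc=%d\n", get_field(oversized, "Address", addr, sizeof addr));
    return 0;
}
```

Rejecting an oversized value outright, rather than truncating it, keeps a shortened address from being silently written into a firewall rule.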

Affected products

circutor — compact_dc-s_basic_firmware

This product uses data from the NVD API but is not endorsed or certified by the NVD. Informational only; not professional security advice.