CVE-2018-1000804
on github
Published
Severity
CVSS v3:
9.8 CRITICAL
CVSS v2:
10 HIGH
Description
contiki-ng version 4 contains a Buffer Overflow vulnerability in AQL (Antelope Query Language) database engine that can result in Attacker can perform Remote Code Execution on device using Contiki-NG operating system. This attack appear to be exploitable via Attacker must be able to run malicious AQL code (e.g. via SQL-like Injection attack).
References
Configurations
CPE23 | Version Start | Version End | Exact Version |
---|---|---|---|
cpe:2.3:o:contiki-ng:contiki-ng:4.0:*:*:*:*:*:*:* | n/a | n/a | 4.0 |