Unrated severityNVD Advisory· Published Apr 25, 2019· Updated Aug 5, 2024
CVE-2018-19442
CVE-2018-19442
Description
A Buffer Overflow in Network::AuthenticationClient::VerifySignature in /bin/astro in Neato Botvac Connected 2.2.0 allows a remote attacker to execute arbitrary code with root privileges via a crafted POST request to a vendors/neato/robots/[robot_serial]/messages Neato cloud URI on the nucleo.neatocloud.com web site (port 4443).
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
1- Range: =2.2.0
Patches
Vulnerability mechanics
References
2- media.ccc.de/v/eh19-157-smart-vacuum-cleaners-as-remote-wiretapping-devicesmitrex_refsource_MISC
- www.usenix.org/system/files/woot19-paper_ullrich.pdfmitrex_refsource_MISC
News mentions
0No linked articles in our index yet.