VYPR

NHI card’s web service

by NHI

CVEs (2)

  • CVE-2022-35217HigAug 2, 2022
    risk 0.51cvss 7.8epss 0.00

    The NHI card’s web service component has a stack-based buffer overflow vulnerability due to insufficient validation for network packet header length. A local area network attacker with general user privilege can exploit this vulnerability to execute arbitrary code, manipulate…

  • CVE-2022-35219MedAug 2, 2022
    risk 0.36cvss 5.5epss 0.00

    The NHI card’s web service component has a stack-based buffer overflow vulnerability due to insufficient validation for network packet key parameter. A LAN attacker with general user privilege can exploit this vulnerability to disrupt service.