VYPR

Aeroadmin

by Aeroadmin

CVEs (2)

  • CVE-2017-8894HigJul 2, 2017
    risk 0.53cvss 8.1epss 0.02

    AeroAdmin 4.1 uses an insecure protocol (HTTP) to perform software updates. An attacker can hijack an update via man-in-the-middle in order to execute code in the machine.

  • CVE-2017-8893HigJul 2, 2017
    risk 0.49cvss 7.5epss 0.01

    AeroAdmin 4.1 uses a function to copy data between two pointers where the size of the data copied is taken directly from a network packet. This can cause a buffer overflow and denial of service.