How severe is CVE-2021-21969?

This vulnerability has a severity rating of LOW with a CVSS score of 3.7 out of 10.

What type of vulnerability is CVE-2021-21969?

This is classified as CWE-120, which is a common weakness in software security.

CVE-2021-21969 - LOW Severity | CVSS 3.7

Vulnerability Description

An out-of-bounds write vulnerability exists in the HandleSeaCloudMessage functionality of Sealevel Systems, Inc. SeaConnect 370W v1.3.34. The HandleIncomingSeaCloudMessage function uses at [4] the json_object_get_string to populate the p_payload global variable. The p_payload is only 0x100 bytes long, and the total MQTT message could be up to 0x201 bytes. Because the function json_object_get_string will fill str based on the length of the json’s value and not the actual str size, this would result in a possible out-of-bounds write.

Related Vulnerabilities

CVE-2021-21970

LOW

CVSS:3.7(Low)

CWE-1202021

CVE-2024-10106

LOW

CVSS:3.7(Low)

A buffer overflow vulnerability in the packet handoff plugin allows an attacker to overwrite memory outside the plugin's buffer.

CWE-1202024

CVE-2023-34115

LOW

CVSS:3.8(Low)

Buffer copy without checking size of input in Zoom Meeting SDK before 5.13.0 may allow an authenticated user to potentially enable a denial of service via local access. This issue may result in the Zo...

CWE-1202023

CVE-2023-51796

LOW

CVSS:3.6(Low)

Buffer Overflow vulnerability in Ffmpeg v.N113007-g8d24a28d06 allows a local attacker to execute arbitrary code via the libavfilter/f_reverse.c:269:26 in areverse_request_frame.

CWE-1202023

CVE-2024-45620

LOW

CVSS:3.9(Low)

A vulnerability was found in the pkcs15-init tool in OpenSC. An attacker could use a crafted USB Device or Smart Card, which would present the system with a specially crafted response to APDUs. When b...

CWE-1202024

CVE-2024-52759

LOW

CVSS:3.5(Low)

D-LINK DI-8003 v16.07.26A1 was discovered to contain a buffer overflow via the ip parameter in the ip_position_asp function.

CWE-1202024