CVE-2018-5704 (debian_linux, open_on-chip_debugger)
-
Open On-Chip Debugger (OpenOCD) 0.10.0 does not block attempts to use HTTP POST for sending data to 127.0.0.1 port 4444, which allows remote attackers to conduct cross-protocol scripting attacks, and consequently execute arbitrary commands, via a crafted web site.
https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2018-5704
© Lightnetics 2024