An exploitable command execution vulnerability exists in the print-tlv command of Weave tool. A specially crafted weave TLV can trigger a stack-based buffer overflow, resulting in code execution. An attacker can trigger this vulnerability by convincing the user to open a specially crafted Weave command.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
openweave openweave-core 4.0.2 |