CVE-2024-0772 | Nsasoft ShareAlarmPro 2.1.4 Registration Name/Key memory corruption

Posted by Angelo Barbosa | Jan 21, 2024 | CVE

A vulnerability was found in Nsasoft ShareAlarmPro 2.1.4 and classified as problematic. Affected by this issue is some unknown functionality of the component Registration Handler. The manipulation of the argument Name/Key leads to memory corruption.

This vulnerability is handled as CVE-2024-0772. Local access is required to approach this attack. Furthermore, there is an exploit available.

The vendor was contacted early about this disclosure but did not respond in any way.

CVE-2024-0772 | Nsasoft ShareAlarmPro 2.1.4 Registration Name/Key memory corruption

Related Posts

CVE-2023-51687 | impleCode Product Catalog Simple Plugin up to 1.7.6 on WordPress information disclosure

CVE-2023-52086 | resumable.php up to 0.1.4 upload.php path traversal (Issue 34)

CVE-2024-36783 | Totolink LR350 9.3.5u.6369_B20220309 NTPSyncWithHost host_time command injection

CVE-2024-7538 | oFono 1.34 CUSD AT Command stack-based overflow (ZDI-24-1078)