CVE Vulnerabilities

CVE-2019-13129

Uncontrolled Recursion

Published: Jul 01, 2019 | Modified: Aug 24, 2020
CVSS 3.x
7.5
HIGH
Source:
NVD
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
CVSS 2.x
7.8 HIGH
AV:N/AC:L/Au:N/C:N/I:N/A:C
RedHat/V2
RedHat/V3
Ubuntu

On the Motorola router CX2L MWR04L 1.01, there is a stack consumption (infinite recursion) issue in scopd via TCP port 8010 and UDP port 8080. It is caused by snprintf and inappropriate length handling.

Weakness

The product does not properly control the amount of recursion that takes place, consuming excessive resources, such as allocated memory or the program stack.

Affected Software

Name Vendor Start Version End Version
Cx2l_mwr04l_firmware Motorola 1.01 1.01

Potential Mitigations

References