Sign in to follow this  
Followers 0
Aokromes

gSOAP exploit

1 post in this topic


Remotely Exploitable Flaw Puts Millions of Internet-Connected Devices at Risk
Security researchers have discovered a critical remotely exploitable vulnerability in an open-source software development library used by major manufacturers of the Internet-of-Thing devices that eventually left millions of devices vulnerable to hacking.

The vulnerability (CVE-2017-9765), discovered by researchers at the IoT-focused security firm Senrio, resides in the software development library called gSOAP toolkit (Simple Object Access Protocol) — an advanced C/C++ auto-coding tool for developing XML Web services and XML application.
 

Dubbed "Devil's Ivy," the stack buffer overflow vulnerability allows a remote attacker to crash the SOAP WebServices daemon and could be exploited to execute arbitrary code on the vulnerable devices.



More: http://thehackernews.com/2017/07/gsoap-iot-device-hacking.html

2

Share this post


Link to post
Share on other sites
Sign in to follow this  
Followers 0

  • Recently Browsing   0 members

    No registered users viewing this page.