CVE-2023-53966

Sažetak

SOUND4 LinkAndShare Transmitter 1.1.2 contains a format string vulnerability that allows attackers to trigger memory stack overflows through maliciously crafted environment variables. Attackers can manipulate the username environment variable with format string payloads to potentially execute arbitrary code and crash the application.

Reference

https://web.archive.org/web/20221207074555/https://www.sound4.com/
https://www.exploit-db.com/exploits/51259
https://www.vulncheck.com/advisories/sound-linkandshare-transmitter-format-string-stack-buffer-overflow
https://www.zeroscience.mk/en/vulnerabilities/ZSL-2023-5744.php
https://www.zeroscience.mk/en/vulnerabilities/ZSL-2023-5744.php

CVSS

Base:	9.8
Impact:	5.9
Exploitability:	3.9

Pristup

Vektor	Složenost	Autentikacija
NETWORK	LOW	NONE

Impact

Povjerljivost	Cjelovitost	Dostupnost
HIGH	HIGH	HIGH

CVSS vektor

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Zadnje važnije ažuriranje

23-12-2025 - 14:51

Objavljeno

22-12-2025 - 22:16