HTTP: Delta Electronics CNCSoft ScreenEditor File Preview Stack-based Buffer Overflow

This signature detects attempts to exploit a known vulnerability against Delta Electronics CNCSoft ScreenEditor File. A successful attack can lead to a buffer overflow and arbitrary remote code execution within the context of the server.

Extended Description

All versions prior to Delta Electronics CNCSoft version 1.01.34 (running ScreenEditor versions 1.01.5 and prior) are vulnerable to a stack-based buffer overflow, which could allow an attacker to remotely execute arbitrary code.

Affected Products

Deltaww cncsoft

References

CVE: CVE-2022-4634

Short Name
HTTP:OVERFLOW:DELTA-CNC-BO
Severity
Major
Recommended
False
Recommended Action
Drop
Category
HTTP
Keywords
Buffer CNCSoft CVE-2022-4634 Delta Electronics File Overflow Preview ScreenEditor Stack-based
Release Date
03/09/2023
Supported Platforms

srx-branch-12.3

srx-19.3

srx-branch-19.3

vsrx3bsd-19.2

srx-branch-19.4

vsrx-19.4

mx-12.3

mx-19.4

vmx-19.4

mx-19.3

vsrx3bsd-19.4

srx-19.4

vsrx-12.3

vmx-19.3

vsrx-19.2

srx-12.3

Sigpack Version
3650
False Positive
Unknown
Vendors

Deltaww

Found a potential security threat?