Taras Drozdovskyi

3 exploits Active since Sep 2022
CVE-2022-39828 WRITEUP HIGH WRITEUP
Samsung Mtower < 0.3.0 - Denial of Service
sign_pFwInfo in Samsung mTower through 0.3.0 has a missing check on the return value of EC_KEY_set_private_key, leading to a denial of service.
CVSS 7.5
CVE-2022-39829 WRITEUP HIGH WORKING POC
Samsung Mtower < 0.3.0 - NULL Pointer Dereference
There is a NULL pointer dereference in aes256_encrypt in Samsung mTower through 0.3.0 due to a missing check on the return value of EVP_CIPHER_CTX_new.
CVSS 7.5
CVE-2022-39830 WRITEUP HIGH WRITEUP
Samsung Mtower < 0.3.0 - Denial of Service
sign_pFwInfo in Samsung mTower through 0.3.0 has a missing check on the return value of EC_KEY_set_public_key_affine_coordinates, leading to a denial of service.
CVSS 7.5