CVE-2015-2097
Webgate Embedded Standard Protocol SDK - Memory Corruption
Title source: ruleDescription
Multiple buffer overflows in WebGate Embedded Standard Protocol (WESP) SDK allow remote attackers to execute arbitrary code via unspecified vectors to the (1) LoadImage or (2) LoadImageEx function in the WESPMonitor.WESPMonitorCtrl.1 control, (3) ChangePassword function in the WESPCONFIGLib.UserItem control, Connect function in the (4) WESPSerialPort.WESPSerialPortCtrl.1 or (5) WESPPLAYBACKLib.WESPPlaybackCtrl control, or (6) AddID function in the WESPCONFIGLib.IDList control or a (7) long string to the second argument to the ConnectEx3 function in the WESPPLAYBACKLib.WESPPlaybackCtrl control.
Exploits (3)
exploitdb
WORKING POC
VERIFIED
by Praveen Darshanam · htmlremotewindows
https://www.exploit-db.com/exploits/36607
exploitdb
WORKING POC
by Praveen Darshanam · htmlremotewindows
https://www.exploit-db.com/exploits/36602
exploitdb
WORKING POC
by Praveen Darshanam · textremotewindows
https://www.exploit-db.com/exploits/36505
References (12)
Scores
EPSS
0.4629
EPSS Percentile
97.7%
Details
CWE
CWE-119
Status
published
Products (1)
webgate/webgate_embedded_standard_protocol_sdk
Published
Mar 09, 2015
Tracked Since
Feb 18, 2026