CVE-2016-10273

HIGH

Jensen of Scandinavia Air:Link - Remote Code Execution via /goform/formWlanMP Parameter Overflow

Title source: llm
STIX 2.1

Description

Multiple stack buffer overflow vulnerabilities in Jensen of Scandinavia AS Air:Link 3G (AL3G) version 2.23m (Rev. 3), Air:Link 5000AC (AL5000AC) version 1.13, and Air:Link 59300 (AL59300) version 1.04 (Rev. 4) devices allow remote attackers to execute arbitrary code or crash the web service via the (1) ateFunc, (2) ateGain, (3) ateTxCount, (4) ateChan, (5) ateRate, (6) ateMacID, (7) e2pTxPower1, (8) e2pTxPower2, (9) e2pTxPower3, (10) e2pTxPower4, (11) e2pTxPower5, (12) e2pTxPower6, (13) e2pTxPower7, (14) e2pTx2Power1, (15) e2pTx2Power2, (16) e2pTx2Power3, (17) e2pTx2Power4, (18) e2pTx2Power5, (19) e2pTx2Power6, (20) e2pTx2Power7, (21) ateTxFreqOffset, (22) ateMode, (23) ateBW, (24) ateAntenna, (25) e2pTxFreqOffset, (26) e2pTxPwDeltaB, (27) e2pTxPwDeltaG, (28) e2pTxPwDeltaMix, (29) e2pTxPwDeltaN, and (30) readE2P parameters of the /goform/formWlanMP endpoint.

References (1)

Core 1
Core References
Technical Description, Third Party Advisory x_refsource_misc
https://www.riskbasedsecurity.com/research/RBS-2016-004.pdf

Scores

CVSS v3 8.8
EPSS 0.0287
EPSS Percentile 85.2%
Attack Vector NETWORK
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Details

CWE
CWE-787
Status published
Products (3)
jensenofscandinavia/air\ link_3g_firmware 2.23m
jensenofscandinavia/air\ link_5000ac_firmware 1.13
jensenofscandinavia/air\ link_59300_firmware 1.04
Published Mar 26, 2017
Tracked Since Feb 18, 2026