CVE-2020-27523

HIGH

Solstice-Pod <5.0.2 - DoS

Title source: llm

Description

Solstice-Pod up to 5.0.2 WEBRTC server mishandles the format-string specifiers %x; %p; %c and %s in the screen_key, display_name, browser_name, and operation_system parameter during the authentication process. This may crash the server and force Solstice-Pod to reboot, which leads to a denial of service.

References (4)

[Exploit, Third Party Advisory] https://www.youtube.com/watch?v=EGW_M1MqAG0

[Third Party Advisory] https://twitter.com/Kevin2600/status/1316261149403275264

[Product, Vendor Advisory] https://documentation.mersive.com/content/topics/general-gen2i-pod-specs.htm

[Exploit, Third Party Advisory] https://tiger-team-1337.blogspot.com/2020/10/solstice-pod-critical-unauthenticated.html

Scores

CVSS v3 7.5

EPSS 0.0134

EPSS Percentile 80.1%

Attack Vector NETWORK

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Details

CWE

CWE-134

Status published

Products (1)

mersive/solstice_pod_firmware < 5.0.2

Published Nov 11, 2020

Tracked Since Feb 18, 2026