CVE-2022-27255

CRITICAL

Realtek Ecos Rsdk Firmware - Improper Input Validation

Title source: rule

Description

In Realtek eCos RSDK 1.5.7p1 and MSDK 4.9.4p1, the SIP ALG function that rewrites SDP data has a stack-based buffer overflow. This allows an attacker to remotely execute code without authentication via a crafted SIP packet that contains malicious SDP data.

Exploits (2)

nomisec WORKING POC 279 stars

by infobyte · poc

https://github.com/infobyte/cve-2022-27255

View Code ZIP pw:eip

nomisec WORKING POC 8 stars

by stryker-project · poc

https://github.com/stryker-project/CVE-2022-27255-checker

View Code ZIP pw:eip

References (2)

[Vendor Advisory] https://www.realtek.com/images/safe-report/Realtek_APRouter_SDK_Advisory-CVE-2022-27255.pdf

[Third Party Advisory] https://forum.defcon.org/node/241835

Scores

CVSS v3 9.8

EPSS 0.1524

EPSS Percentile 94.6%

Attack Vector NETWORK

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Details

CWE

CWE-20

Status published

Products (2)

realtek/ecos_msdk_firmware 4.9.4p1

realtek/ecos_rsdk_firmware 1.5.7p1

Published Aug 01, 2022

Tracked Since Feb 18, 2026