Vulnerability identifier: #VU86167
Vulnerability risk: High
CVSSv3.1: 8.5 [CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]
CVE-ID:
CWE-ID:
CWE-94
Exploitation vector: Network
Exploit availability: No
Vulnerable software:
P403
Hardware solutions /
Firmware
P463
Hardware solutions /
Firmware
P553
Hardware solutions /
Firmware
P703
Hardware solutions /
Firmware
P801
Hardware solutions /
Firmware
X554UN
Hardware solutions /
Firmware
X464UN
Hardware solutions /
Firmware
X554UNS
Hardware solutions /
Firmware
X464UNV
Hardware solutions /
Firmware
X474HB
Hardware solutions /
Firmware
X464UNS
Hardware solutions /
Firmware
X554UNV
Hardware solutions /
Firmware
X555UNS
Hardware solutions /
Firmware
X555UNV
Hardware solutions /
Firmware
X754HB
Hardware solutions /
Firmware
X554HB
Hardware solutions /
Firmware
E705
Hardware solutions /
Firmware
E805
Hardware solutions /
Firmware
E905
Hardware solutions /
Firmware
UN551S
Hardware solutions /
Firmware
UN551VS
Hardware solutions /
Firmware
X551UHD
Hardware solutions /
Firmware
X651UHD
Hardware solutions /
Firmware
X841UHD
Hardware solutions /
Firmware
X981UHD
Hardware solutions /
Firmware
MD551C8
Hardware solutions /
Firmware
Vendor: Sharp NEC Display Solutions
Description
The vulnerability allows a remote attacker to execute arbitrary code on the target system.
The vulnerability exists due to improper input validation. A remote attacker can send a specially crafted request and execute arbitrary code on the target system.
Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.
Mitigation
Cybersecurity Help is currently unaware of any official solution to address this vulnerability.
Vulnerable software versions
P403: All versions
P463: All versions
P553: All versions
P703: All versions
P801: All versions
X554UN: All versions
X464UN: All versions
X554UNS: All versions
X464UNV: All versions
X474HB: All versions
X464UNS: All versions
X554UNV: All versions
X555UNS: All versions
X555UNV: All versions
X754HB: All versions
X554HB: All versions
E705: All versions
E805: All versions
E905: All versions
UN551S: All versions
UN551VS: All versions
X551UHD: All versions
X651UHD: All versions
X841UHD: All versions
X981UHD: All versions
MD551C8: All versions
External links
http://www.sharp-nec-displays.com/global/support/info/A4_vulnerability.html
http://jvn.jp/en/vu/JVNVU97836276/index.html
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.