CVE-2019-5065

Summary

An exploitable information disclosure vulnerability exists in the packet-parsing functionality of Blynk-Library v0.6.1. A specially crafted packet can cause an unterminated strncpy, resulting in information disclosure. An attacker can send a packet to trigger this vulnerability.

Affected Software

VendorProductVersion RangeStatus
n/aBlynck IncBlynk Blynk-Library v0.6.1affected

Weaknesses

  • CWE-125: CWE-125: Out-of-bounds Read

ADP Enrichment

CVE Program Container

Additional References

References