CVE-2020-36995
4.6
CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:A/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N
Summary
Mocha Telnet Lite for iOS 4.2 contains a denial of service vulnerability that allows attackers to crash the application by manipulating the user configuration input. Attackers can overwrite the 'User' field with 350 bytes of repeated characters to trigger an application crash and prevent normal functionality.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| telnet-lite | Mocha Telnet Lite for iOS | 4.2 | affected |
Weaknesses
- CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
ADP Enrichment
CISA ADP Vulnrichment
- SSVC:
- Exploitation: poc
- Automatable: yes
- Technical Impact: partial
References
- https://www.exploit-db.com/exploits/48728
- https://apps.apple.com/us/app/telnet-lite/id286893976
- https://www.vulncheck.com/advisories/mocha-telnet-lite-for-ios-user-denial-of-service
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.