CVE-2019-16736

A stack-based buffer overflow in processCommandUploadSnapshot in libcommon.so in Petwant PF-103 firmware 4.22.2.42 and Petalk AI 3.2.2.30 allows remote attackers to cause denial of service or run arbitrary code as the root user.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
9.8 CRITICAL
NETWORK
LOW
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
mitreCNA
---
---
CVEADP
---
---
Base Score
CVSS 3.x
EPSS Score
Percentile: 85%
VendorProductVersion
skymeepetalk_ai_firmware
3.2.2.30
petwantpf-103_firmware
4.22.2.42
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
https://blog.securityevaluators.com/remotely-exploiting-iot-pet-feeders-21013562aea3
https://blog.securityevaluators.com/remotely-exploiting-iot-pet-feeders-21013562aea3