CVE-2021-44154

An issue was discovered in Reprise RLM 14.2. By using an admin account, an attacker can write a payload to /goform/edit_opt, which will then be triggered when running the diagnostics (via /goform/diagnostics_doit), resulting in a buffer overflow.

Reference Links (if available):

  • http://packetstormsecurity.com/files/165193/Reprise-License-Manager-14.2-Buffer-Overflow.html
  • https://reprisesoftware.com/admin/rlm-admin-download.php?&euagree=yes
CVSS Score (if available):

  v2: / MEDIUM

  v3: /

Links to Exploits (if available):