{"id":"CVE-2019-6963","details":"A heap-based buffer overflow in cosa_dhcpv4_dml.c in the RDK RDKB-20181217-1 CcspPandM module may allow attackers with login credentials to achieve remote code execution by crafting a long buffer in the \"Comment\" field of an IP reservation form in the admin panel. This is related to the CcspCommonLibrary module.","modified":"2026-04-11T21:03:19.187505Z","published":"2019-06-20T14:15:11.173Z","references":[{"type":"ADVISORY","url":"https://dojo.bullguard.com/dojo-by-bullguard/blog/the-gateway-is-wide-open"}],"affected":[{"ranges":[{"type":"GIT","repo":"https://github.com/rdkcmf/rdkb-ccsppandm","events":[{"introduced":"0"},{"last_affected":"8a7ae1ac0b29785bae165760e340c245f9d2d5e3"}],"database_specific":{"cpe":"cpe:2.3:a:rdkcentral:rdkb_ccsppandm:rdkb-20181217-1:*:*:*:*:*:*:*","extracted_events":[{"introduced":"0"},{"last_affected":"rdkb-20181217-1"}],"source":"CPE_FIELD"}}],"versions":["IMPORT_INITIAL","RDKB-20181114","RDKB-20181114-1","RDKB-20181115","RDKB-20181217","RDKB-20181217-1"],"database_specific":{"source":"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2019-6963.json"}}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V3","score":"CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"}]}