Hello Wyze Team
I have several products from you guys and I would like to know if Wyze products have been affected with those vulnerabilities. (Most are Realtek Chipset)
· CVE-2021-35392 (CVSS score: 8.1) – Heap buffer overflow vulnerability in ‘WiFi Simple Config’ server due to unsafe crafting of SSDP NOTIFY messages
· CVE-2021-35393 (CVSS score: 8.1) – Stack buffer overflow vulnerability in ‘WiFi Simple Config’ server due to unsafe parsing of the UPnP
· CVE-2021-35394 (CVSS score: 9.8) – Multiple buffer overflow vulnerabilities and an arbitrary command injection vulnerability in ‘UDPServer’ MP tool
· CVE-2021-35395 (CVSS score: 9.8) – Multiple buffer overflow vulnerabilities in HTTP web server ‘boa’ due to unsafe copies of some overly long parameters.
Please let me know.
Thank you and have a great day