What is CVE-2022-28381?

CVE-2022-28381 is a vulnerability in N/a. Published 2022-04-03.

Is CVE-2022-28381 known to be exploited?

16 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.

Vulnerability in N/a

CVE-2022-28381

Mediaserver.exe in ALLMediaServer 1.6 has a stack-based buffer overflow that allows remote attackers to execute arbitrary code via a long string to TCP port 888, a related issue to CVE-2017-17932.

EPSS: 0.793 (99.1th percentile) — read the EPSS interpretation.

Affected products

N/a — versions n/a

Public proof-of-concept exploits

DShankle/CVE-2022-28381_PoC
rapid7/metasploit-framework
ARPSyndicate/cvemon
DShankle/CVE-2022-28381_
Matrix07ksa/ALLMediaServer-1.6-Buffer-Overflow
NaInSec/CVE-PoC-in-GitHub
SYRTI/POC_
WhooAmii/POC_
k0mi-tg/CVE-POC
karimhabush/cyberowl

References

github.com/Matrix07ksa/ALLMediaServer-1.6-Buffer-Overflow (x_refsource_MISC)
packetstormsecurity.com/files/166573/ALLMediaServer-1.6-Buffer-Overflow.html (x_refsource_MISC)

Frequently asked questions

What is CVE-2022-28381?: CVE-2022-28381 is a vulnerability in N/a. Published 2022-04-03.
Is CVE-2022-28381 known to be exploited?: 16 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.