go to Content
:::

TWCERT/CC Taiwan Computer Emergency Response Team/Coordination Center

:::
Date:
Font-stze:

TEAMPLUS Teamplus Pro - Allocation of Resources Without Limits or Throttling-1

TVN ID TVN-202207004
CVE ID CVE-2022-35220
CVSS 7.7 (High)
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H
Affected Products Teamplus Pro (Android 、iOS) <= v3.011.6.0.1
Description Teamplus Pro community discussion function has an ‘allocation of resource without limits or throttling’ vulnerability. A remote attacker with general user privilege posting a thread with large content can cause the receiving client device to allocate too much memory, leading to abnormal termination of this client’s Teamplus Pro application.
Solution Contact tech support from TEAMPLUS.
Credit RayHong (CCoE)
Public Date 2022-07-29
Top