CVE-2021-45918 Information

Description

NHI’s health insurance web service component has insufficient validation for input string length which can result in heap-based buffer overflow attack. A remote attacker can exploit this vulnerability to flood the memory space reserved for the program in order to terminate service without authentication which requires a system restart to recover service.

Reference

https://www.twcert.org.tw/tw/cp-132-6227-eaf49-1.html