A buffer overflow vulnerability exists in arendst Tasmota firmware version 15.3.0.3 and earlier. The flaw resides in the Scripter driver (xdrv_10_scripter.ino), specifically within the fetch_jpg() function where a 40-byte boundary buffer (jpg_task.boundary[40]) is populated using strcpy() without adequate bounds checking. This allows a remote attacker to trigger memory corruption and potentially execute a [truncated]
A buffer overflow vulnerability exists in the Tasmota open-source firmware, specifically within the Scripter driver component. The flaw resides in the fetch_jpg() function located in xdrv_10_scripter.ino, affecting version 15.3.0.3 and earlier. Successful exploitation by a remote attacker could result in arbitrary code execution on affected devices. The vulnerability was disclosed on May 27, 2026, with th [truncated]