CVE-2017-9765 Genivia gSOAP Stack Based Buffer Overflow Vulnerability (Devils Ivy)




Genivia gSOAP (Simple Object Access Protocol) is a web services toolkit, that is used to enable devices communicate with the internet.

Genivia gSOAP is prone to a stack-based buffer-overflow vulnerability because it fails to properly bounds check user-supplied data before copying it into an insufficiently sized buffer. A remote attacker could exploit this vulnerability to crash the SOAP WebServices daemon or execute arbitrary code on the product.

More details about this vulnerability can be found here: Devils Ivy.

Affected Versions:
Genivia gSOAP 2.7.x and 2.8.x before 2.8.48

QID Detection Logic:
Since the Genivia gSOAP toolkit versions can not be remotely detected, this unauthenticated QID detects vulnerable devices that use the toolkit. The individual vendor advisory can be found here:


Successful exploitation allows an attacker to execute arbitrary code, remotely access a video feed or deny the owner access to the feed leading to a denial of service vulnerability.


Customers are advised to upgrade to Genivia 2.8.48 or later versions to remediate this vulnerability. Customers having the vulnerable product implemented in their IoT devices are advised to contact the respective vendors for updates pertaining to this vulnerability.

Following are links for downloading patches to fix the vulnerabilities:

Genivia 2.8.48 or later

Leave a Reply