Logo
-

Byte Open Security

(ByteOS Network)

Log In

Sign Up

ByteOS

Security
Vulnerability Details
Registries
Custom Views
Weaknesses
Attack Patterns
Filters & Tools
Vulnerability Details :

CVE-2017-7617

Summary
Assigner-mitre
Assigner Org ID-8254265b-2729-46b6-b9e3-3dfca2d5bfca
Published At-10 Apr, 2017 | 14:00
Updated At-05 Aug, 2024 | 16:12
Rejected At-
Credits

Remote code execution can occur in Asterisk Open Source 13.x before 13.14.1 and 14.x before 14.3.1 and Certified Asterisk 13.13 before 13.13-cert3 because of a buffer overflow in a CDR user field, related to X-ClientCode in chan_sip, the CDR dialplan function, and the AMI Monitor action.

Vendors
-
Not available
Products
-
Metrics (CVSS)
VersionBase scoreBase severityVector
Weaknesses
Attack Patterns
Solution/Workaround
References
HyperlinkResource Type
EPSS History
Score
Latest Score
-
N/A
No data available for selected date range
Percentile
Latest Percentile
-
N/A
No data available for selected date range
Stakeholder-Specific Vulnerability Categorization (SSVC)
▼Common Vulnerabilities and Exposures (CVE)
cve.org
Assigner:mitre
Assigner Org ID:8254265b-2729-46b6-b9e3-3dfca2d5bfca
Published At:10 Apr, 2017 | 14:00
Updated At:05 Aug, 2024 | 16:12
Rejected At:
▼CVE Numbering Authority (CNA)

Remote code execution can occur in Asterisk Open Source 13.x before 13.14.1 and 14.x before 14.3.1 and Certified Asterisk 13.13 before 13.13-cert3 because of a buffer overflow in a CDR user field, related to X-ClientCode in chan_sip, the CDR dialplan function, and the AMI Monitor action.

Affected Products
Vendor
n/a
Product
n/a
Versions
Affected
  • n/a
Problem Types
TypeCWE IDDescription
textN/An/a
Type: text
CWE ID: N/A
Description: n/a
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions

Configurations

Workarounds

Exploits

Credits

Timeline
EventDate
Replaced By

Rejected Reason

References
HyperlinkResource
http://www.securityfocus.com/bid/97377
vdb-entry
x_refsource_BID
https://bugs.debian.org/859910
x_refsource_CONFIRM
http://downloads.asterisk.org/pub/security/AST-2017-001.html
x_refsource_CONFIRM
Hyperlink: http://www.securityfocus.com/bid/97377
Resource:
vdb-entry
x_refsource_BID
Hyperlink: https://bugs.debian.org/859910
Resource:
x_refsource_CONFIRM
Hyperlink: http://downloads.asterisk.org/pub/security/AST-2017-001.html
Resource:
x_refsource_CONFIRM
▼Authorized Data Publishers (ADP)
CVE Program Container
Affected Products
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions

Configurations

Workarounds

Exploits

Credits

Timeline
EventDate
Replaced By

Rejected Reason

References
HyperlinkResource
http://www.securityfocus.com/bid/97377
vdb-entry
x_refsource_BID
x_transferred
https://bugs.debian.org/859910
x_refsource_CONFIRM
x_transferred
http://downloads.asterisk.org/pub/security/AST-2017-001.html
x_refsource_CONFIRM
x_transferred
Hyperlink: http://www.securityfocus.com/bid/97377
Resource:
vdb-entry
x_refsource_BID
x_transferred
Hyperlink: https://bugs.debian.org/859910
Resource:
x_refsource_CONFIRM
x_transferred
Hyperlink: http://downloads.asterisk.org/pub/security/AST-2017-001.html
Resource:
x_refsource_CONFIRM
x_transferred
Information is not available yet
▼National Vulnerability Database (NVD)
nvd.nist.gov
Source:cve@mitre.org
Published At:10 Apr, 2017 | 14:59
Updated At:20 Apr, 2025 | 01:37

Remote code execution can occur in Asterisk Open Source 13.x before 13.14.1 and 14.x before 14.3.1 and Certified Asterisk 13.13 before 13.13-cert3 because of a buffer overflow in a CDR user field, related to X-ClientCode in chan_sip, the CDR dialplan function, and the AMI Monitor action.

CISA Catalog
Date AddedDue DateVulnerability NameRequired Action
N/A
Date Added: N/A
Due Date: N/A
Vulnerability Name: N/A
Required Action: N/A
Metrics
TypeVersionBase scoreBase severityVector
Primary3.08.8HIGH
CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Primary2.06.5MEDIUM
AV:N/AC:L/Au:S/C:P/I:P/A:P
Type: Primary
Version: 3.0
Base score: 8.8
Base severity: HIGH
Vector:
CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Type: Primary
Version: 2.0
Base score: 6.5
Base severity: MEDIUM
Vector:
AV:N/AC:L/Au:S/C:P/I:P/A:P
CPE Matches

Digium, Inc.
digium
>>asterisk>>13.0.0
cpe:2.3:a:digium:asterisk:13.0.0:*:*:*:lts:*:*:*
Digium, Inc.
digium
>>asterisk>>13.0.0
cpe:2.3:a:digium:asterisk:13.0.0:beta1:*:*:*:*:*:*
Digium, Inc.
digium
>>asterisk>>13.0.0
cpe:2.3:a:digium:asterisk:13.0.0:beta2:*:*:*:*:*:*
Digium, Inc.
digium
>>asterisk>>13.0.0
cpe:2.3:a:digium:asterisk:13.0.0:beta3:*:*:*:*:*:*
Digium, Inc.
digium
>>asterisk>>13.0.1
cpe:2.3:a:digium:asterisk:13.0.1:*:*:*:*:*:*:*
Digium, Inc.
digium
>>asterisk>>13.0.2
cpe:2.3:a:digium:asterisk:13.0.2:*:*:*:*:*:*:*
Digium, Inc.
digium
>>asterisk>>13.1.0
cpe:2.3:a:digium:asterisk:13.1.0:*:*:*:*:*:*:*
Digium, Inc.
digium
>>asterisk>>13.1.0
cpe:2.3:a:digium:asterisk:13.1.0:rc1:*:*:*:*:*:*
Digium, Inc.
digium
>>asterisk>>13.1.0
cpe:2.3:a:digium:asterisk:13.1.0:rc2:*:*:*:*:*:*
Digium, Inc.
digium
>>asterisk>>13.1.1
cpe:2.3:a:digium:asterisk:13.1.1:*:*:*:*:*:*:*
Digium, Inc.
digium
>>asterisk>>13.2.0
cpe:2.3:a:digium:asterisk:13.2.0:*:*:*:*:*:*:*
Digium, Inc.
digium
>>asterisk>>13.2.0
cpe:2.3:a:digium:asterisk:13.2.0:rc1:*:*:*:*:*:*
Digium, Inc.
digium
>>asterisk>>13.2.1
cpe:2.3:a:digium:asterisk:13.2.1:*:*:*:*:*:*:*
Digium, Inc.
digium
>>asterisk>>13.3.0
cpe:2.3:a:digium:asterisk:13.3.0:rc1:*:*:*:*:*:*
Digium, Inc.
digium
>>asterisk>>13.3.2
cpe:2.3:a:digium:asterisk:13.3.2:*:*:*:*:*:*:*
Digium, Inc.
digium
>>asterisk>>13.4.0
cpe:2.3:a:digium:asterisk:13.4.0:*:*:*:*:*:*:*
Digium, Inc.
digium
>>asterisk>>13.4.0
cpe:2.3:a:digium:asterisk:13.4.0:rc1:*:*:*:*:*:*
Digium, Inc.
digium
>>asterisk>>13.5.0
cpe:2.3:a:digium:asterisk:13.5.0:*:*:*:*:*:*:*
Digium, Inc.
digium
>>asterisk>>13.5.0
cpe:2.3:a:digium:asterisk:13.5.0:rc1:*:*:*:*:*:*
Digium, Inc.
digium
>>asterisk>>13.6.0
cpe:2.3:a:digium:asterisk:13.6.0:rc1:*:*:*:*:*:*
Digium, Inc.
digium
>>asterisk>>13.7.0
cpe:2.3:a:digium:asterisk:13.7.0:rc1:*:*:*:*:*:*
Digium, Inc.
digium
>>asterisk>>13.7.0
cpe:2.3:a:digium:asterisk:13.7.0:rc2:*:*:*:*:*:*
Digium, Inc.
digium
>>asterisk>>13.7.1
cpe:2.3:a:digium:asterisk:13.7.1:*:*:*:*:*:*:*
Digium, Inc.
digium
>>asterisk>>13.7.2
cpe:2.3:a:digium:asterisk:13.7.2:*:*:*:*:*:*:*
Digium, Inc.
digium
>>asterisk>>13.8.0
cpe:2.3:a:digium:asterisk:13.8.0:*:*:*:*:*:*:*
Digium, Inc.
digium
>>asterisk>>13.8.0
cpe:2.3:a:digium:asterisk:13.8.0:rc1:*:*:*:*:*:*
Digium, Inc.
digium
>>asterisk>>13.8.1
cpe:2.3:a:digium:asterisk:13.8.1:*:*:*:*:*:*:*
Digium, Inc.
digium
>>asterisk>>13.8.2
cpe:2.3:a:digium:asterisk:13.8.2:*:*:*:*:*:*:*
Digium, Inc.
digium
>>asterisk>>13.9.0
cpe:2.3:a:digium:asterisk:13.9.0:*:*:*:*:*:*:*
Digium, Inc.
digium
>>asterisk>>13.9.1
cpe:2.3:a:digium:asterisk:13.9.1:*:*:*:*:*:*:*
Digium, Inc.
digium
>>asterisk>>13.10.0
cpe:2.3:a:digium:asterisk:13.10.0:*:*:*:*:*:*:*
Digium, Inc.
digium
>>asterisk>>13.10.0
cpe:2.3:a:digium:asterisk:13.10.0:rc1:*:*:*:*:*:*
Digium, Inc.
digium
>>asterisk>>13.11.0
cpe:2.3:a:digium:asterisk:13.11.0:*:*:*:*:*:*:*
Digium, Inc.
digium
>>asterisk>>13.11.1
cpe:2.3:a:digium:asterisk:13.11.1:*:*:*:*:*:*:*
Digium, Inc.
digium
>>asterisk>>13.11.2
cpe:2.3:a:digium:asterisk:13.11.2:*:*:*:*:*:*:*
Digium, Inc.
digium
>>asterisk>>13.12
cpe:2.3:a:digium:asterisk:13.12:*:*:*:*:*:*:*
Digium, Inc.
digium
>>asterisk>>13.12.0
cpe:2.3:a:digium:asterisk:13.12.0:*:*:*:*:*:*:*
Digium, Inc.
digium
>>asterisk>>13.12.1
cpe:2.3:a:digium:asterisk:13.12.1:*:*:*:*:*:*:*
Digium, Inc.
digium
>>asterisk>>13.12.2
cpe:2.3:a:digium:asterisk:13.12.2:*:*:*:*:*:*:*
Digium, Inc.
digium
>>asterisk>>13.13
cpe:2.3:a:digium:asterisk:13.13:*:*:*:*:*:*:*
Digium, Inc.
digium
>>asterisk>>13.13.0
cpe:2.3:a:digium:asterisk:13.13.0:*:*:*:*:*:*:*
Digium, Inc.
digium
>>asterisk>>13.14.0
cpe:2.3:a:digium:asterisk:13.14.0:*:*:*:*:*:*:*
Digium, Inc.
digium
>>asterisk>>14.0
cpe:2.3:a:digium:asterisk:14.0:*:*:*:*:*:*:*
Digium, Inc.
digium
>>asterisk>>14.0.0
cpe:2.3:a:digium:asterisk:14.0.0:*:*:*:*:*:*:*
Digium, Inc.
digium
>>asterisk>>14.0.0
cpe:2.3:a:digium:asterisk:14.0.0:beta1:*:*:*:*:*:*
Digium, Inc.
digium
>>asterisk>>14.0.0
cpe:2.3:a:digium:asterisk:14.0.0:beta2:*:*:*:*:*:*
Digium, Inc.
digium
>>asterisk>>14.0.0
cpe:2.3:a:digium:asterisk:14.0.0:rc1:*:*:*:*:*:*
Digium, Inc.
digium
>>asterisk>>14.0.0
cpe:2.3:a:digium:asterisk:14.0.0:rc2:*:*:*:*:*:*
Digium, Inc.
digium
>>asterisk>>14.0.1
cpe:2.3:a:digium:asterisk:14.0.1:*:*:*:*:*:*:*
Digium, Inc.
digium
>>asterisk>>14.0.2
cpe:2.3:a:digium:asterisk:14.0.2:*:*:*:*:*:*:*
Weaknesses
CWE IDTypeSource
CWE-119Primarynvd@nist.gov
CWE ID: CWE-119
Type: Primary
Source: nvd@nist.gov
Evaluator Description

Evaluator Impact

Evaluator Solution

Vendor Statements

References
HyperlinkSourceResource
http://downloads.asterisk.org/pub/security/AST-2017-001.htmlcve@mitre.org
Patch
Vendor Advisory
http://www.securityfocus.com/bid/97377cve@mitre.org
Third Party Advisory
VDB Entry
https://bugs.debian.org/859910cve@mitre.org
Patch
Third Party Advisory
http://downloads.asterisk.org/pub/security/AST-2017-001.htmlaf854a3a-2127-422b-91ae-364da2661108
Patch
Vendor Advisory
http://www.securityfocus.com/bid/97377af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
VDB Entry
https://bugs.debian.org/859910af854a3a-2127-422b-91ae-364da2661108
Patch
Third Party Advisory
Hyperlink: http://downloads.asterisk.org/pub/security/AST-2017-001.html
Source: cve@mitre.org
Resource:
Patch
Vendor Advisory
Hyperlink: http://www.securityfocus.com/bid/97377
Source: cve@mitre.org
Resource:
Third Party Advisory
VDB Entry
Hyperlink: https://bugs.debian.org/859910
Source: cve@mitre.org
Resource:
Patch
Third Party Advisory
Hyperlink: http://downloads.asterisk.org/pub/security/AST-2017-001.html
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Patch
Vendor Advisory
Hyperlink: http://www.securityfocus.com/bid/97377
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Third Party Advisory
VDB Entry
Hyperlink: https://bugs.debian.org/859910
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Patch
Third Party Advisory

Change History

0
Information is not available yet

Similar CVEs

251Records found

CVE-2025-5527
Matching Score-4
Assigner-VulDB
ShareView Details
Matching Score-4
Assigner-VulDB
CVSS Score-8.7||HIGH
EPSS-0.14% / 34.74%
||
7 Day CHG~0.00%
Published-03 Jun, 2025 | 20:31
Updated-09 Jun, 2025 | 15:11
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Tenda RX3 SetStaticRouteCfg save_staticroute_data stack-based overflow

A vulnerability was found in Tenda RX3 16.03.13.11_multi_TDE01. It has been rated as critical. This issue affects the function save_staticroute_data of the file /goform/SetStaticRouteCfg. The manipulation of the argument list leads to stack-based buffer overflow. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used.

Action-Not Available
Vendor-Tenda Technology Co., Ltd.
Product-rx3_firmwarerx3RX3
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CWE ID-CWE-121
Stack-based Buffer Overflow
CWE ID-CWE-787
Out-of-bounds Write
CVE-2025-3693
Matching Score-4
Assigner-VulDB
ShareView Details
Matching Score-4
Assigner-VulDB
CVSS Score-8.7||HIGH
EPSS-0.28% / 51.41%
||
7 Day CHG~0.00%
Published-16 Apr, 2025 | 14:00
Updated-16 Jul, 2025 | 15:33
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Tenda W12 httpd cgiWifiRadioSet stack-based overflow

A vulnerability was found in Tenda W12 3.0.0.5. It has been rated as critical. Affected by this issue is the function cgiWifiRadioSet of the file /bin/httpd. The manipulation leads to stack-based buffer overflow. The attack may be launched remotely. The exploit has been disclosed to the public and may be used.

Action-Not Available
Vendor-Tenda Technology Co., Ltd.
Product-w12_firmwarew12W12
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CWE ID-CWE-121
Stack-based Buffer Overflow
CVE-2025-3346
Matching Score-4
Assigner-VulDB
ShareView Details
Matching Score-4
Assigner-VulDB
CVSS Score-8.7||HIGH
EPSS-0.19% / 41.50%
||
7 Day CHG~0.00%
Published-07 Apr, 2025 | 09:31
Updated-27 May, 2025 | 14:22
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Tenda AC7 SetPptpServerCfg formSetPPTPServer buffer overflow

A vulnerability was found in Tenda AC7 15.03.06.44. It has been rated as critical. Affected by this issue is the function formSetPPTPServer of the file /goform/SetPptpServerCfg. The manipulation of the argument pptp_server_start_ip/pptp_server_end_ip leads to buffer overflow. The attack may be launched remotely. The exploit has been disclosed to the public and may be used.

Action-Not Available
Vendor-Tenda Technology Co., Ltd.
Product-ac7_firmwareac7AC7
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2025-5572
Matching Score-4
Assigner-VulDB
ShareView Details
Matching Score-4
Assigner-VulDB
CVSS Score-8.7||HIGH
EPSS-0.08% / 23.37%
||
7 Day CHG~0.00%
Published-04 Jun, 2025 | 06:00
Updated-06 Jun, 2025 | 18:48
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
D-Link DCS-932L setSystemEmail stack-based overflow

A vulnerability was found in D-Link DCS-932L 2.18.01. It has been declared as critical. Affected by this vulnerability is the function setSystemEmail of the file /setSystemEmail. The manipulation of the argument EmailSMTPPortNumber leads to stack-based buffer overflow. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. This vulnerability only affects products that are no longer supported by the maintainer.

Action-Not Available
Vendor-D-Link Corporation
Product-dcs-932ldcs-932l_firmwareDCS-932L
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CWE ID-CWE-121
Stack-based Buffer Overflow
CWE ID-CWE-787
Out-of-bounds Write
CVE-2025-5685
Matching Score-4
Assigner-VulDB
ShareView Details
Matching Score-4
Assigner-VulDB
CVSS Score-8.7||HIGH
EPSS-0.16% / 37.40%
||
7 Day CHG~0.00%
Published-05 Jun, 2025 | 20:00
Updated-10 Jun, 2025 | 15:01
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Tenda CH22 Natlimit formNatlimit stack-based overflow

A vulnerability, which was classified as critical, was found in Tenda CH22 1.0.0.1. This affects the function formNatlimit of the file /goform/Natlimit. The manipulation of the argument page leads to stack-based buffer overflow. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used.

Action-Not Available
Vendor-Tenda Technology Co., Ltd.
Product-ch22ch22_firmwareCH22
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CWE ID-CWE-121
Stack-based Buffer Overflow
CWE ID-CWE-787
Out-of-bounds Write
CVE-2025-5671
Matching Score-4
Assigner-VulDB
ShareView Details
Matching Score-4
Assigner-VulDB
CVSS Score-8.7||HIGH
EPSS-0.17% / 38.23%
||
7 Day CHG~0.00%
Published-05 Jun, 2025 | 17:31
Updated-05 Jun, 2025 | 20:12
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
TOTOLINK N302R Plus HTTP POST Request formPortFw buffer overflow

A vulnerability, which was classified as critical, was found in TOTOLINK N302R Plus up to 3.4.0-B20201028. Affected is an unknown function of the file /boafrm/formPortFw of the component HTTP POST Request Handler. The manipulation of the argument service_type leads to buffer overflow. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used.

Action-Not Available
Vendor-TOTOLINK
Product-N302R Plus
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2024-11960
Matching Score-4
Assigner-VulDB
ShareView Details
Matching Score-4
Assigner-VulDB
CVSS Score-8.7||HIGH
EPSS-0.78% / 72.81%
||
7 Day CHG+0.08%
Published-28 Nov, 2024 | 14:31
Updated-04 Dec, 2024 | 16:52
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
D-Link DIR-605L formSetPortTr buffer overflow

A vulnerability was found in D-Link DIR-605L 2.13B01. It has been declared as critical. This vulnerability affects the function formSetPortTr of the file /goform/formSetPortTr. The manipulation of the argument curTime leads to buffer overflow. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used.

Action-Not Available
Vendor-D-Link Corporation
Product-dir-605l_firmwaredir-605lDIR-605Ldir-605l
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2025-3786
Matching Score-4
Assigner-VulDB
ShareView Details
Matching Score-4
Assigner-VulDB
CVSS Score-8.7||HIGH
EPSS-0.14% / 34.37%
||
7 Day CHG~0.00%
Published-18 Apr, 2025 | 09:00
Updated-22 Apr, 2025 | 16:35
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Tenda AC15 WifiExtraSet fromSetWirelessRepeat buffer overflow

A vulnerability was found in Tenda AC15 up to 15.03.05.19 and classified as critical. This issue affects the function fromSetWirelessRepeat of the file /goform/WifiExtraSet. The manipulation of the argument mac leads to buffer overflow. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used.

Action-Not Available
Vendor-Tenda Technology Co., Ltd.
Product-ac15_firmwareac15AC15
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2024-11745
Matching Score-4
Assigner-VulDB
ShareView Details
Matching Score-4
Assigner-VulDB
CVSS Score-8.7||HIGH
EPSS-0.36% / 57.65%
||
7 Day CHG~0.00%
Published-26 Nov, 2024 | 21:00
Updated-03 Dec, 2024 | 15:25
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Tenda AC8 SetStaticRouteCfg route_static_check stack-based overflow

A vulnerability was found in Tenda AC8 16.03.34.09 and classified as critical. Affected by this issue is the function route_static_check of the file /goform/SetStaticRouteCfg. The manipulation of the argument list leads to stack-based buffer overflow. The attack may be launched remotely. The exploit has been disclosed to the public and may be used.

Action-Not Available
Vendor-Tenda Technology Co., Ltd.
Product-ac8ac8_firmwareAC8ac8_firmware
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CWE ID-CWE-121
Stack-based Buffer Overflow
CWE ID-CWE-787
Out-of-bounds Write
CVE-2025-3328
Matching Score-4
Assigner-VulDB
ShareView Details
Matching Score-4
Assigner-VulDB
CVSS Score-8.7||HIGH
EPSS-0.17% / 39.03%
||
7 Day CHG~0.00%
Published-07 Apr, 2025 | 00:31
Updated-07 Apr, 2025 | 18:17
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Tenda AC1206 fast_setting_wifi_set form_fast_setting_wifi_set buffer overflow

A vulnerability was found in Tenda AC1206 15.03.06.23. It has been classified as critical. Affected is the function form_fast_setting_wifi_set of the file /goform/fast_setting_wifi_set. The manipulation of the argument ssid/timeZone leads to buffer overflow. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. Other parameters might be affected as well.

Action-Not Available
Vendor-Tenda Technology Co., Ltd.
Product-ac1206ac1206_firmwareAC1206
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CWE ID-CWE-787
Out-of-bounds Write
CVE-2019-14307
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-8.8||HIGH
EPSS-1.22% / 78.27%
||
7 Day CHG~0.00%
Published-26 Aug, 2019 | 14:18
Updated-05 Aug, 2024 | 00:12
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Several Ricoh printers have multiple buffer overflows parsing HTTP parameter settings for SNMP, which allow an attacker to cause a denial of service or code execution via crafted requests to the web server. Affected firmware versions depend on the printer models. One affected configuration is cpe:2.3:o:ricoh:sp_c250dn_firmware:-:*:*:*:*:*:*:* up to (including) 1.06 running on cpe:2.3:o:ricoh:sp_c250dn:-:*:*:*:*:*:*:*, cpe:2.3:o:ricoh:sp_c252dn:-:*:*:*:*:*:*:*. Another affected configuration is cpe:2.3:o:ricoh:sp_c250sf_firmware:-:*:*:*:*:*:*:* up to (including) 1.12 running on cpe:2.3:o:ricoh:sp_c250sf:-:*:*:*:*:*:*:*, cpe:2.3:o:ricoh:sp_c252sf:-:*:*:*:*:*:*:*.

Action-Not Available
Vendor-n/aRicoh Company, Ltd.
Product-sp_c250sfsp_c252sf_firmwaresp_c252sfsp_c250sf_firmwaresp_c250dnsp_c252dnsp_c252dn_firmwaresp_c250dn_firmwaren/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2019-14305
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-8.8||HIGH
EPSS-1.28% / 78.78%
||
7 Day CHG~0.00%
Published-26 Aug, 2019 | 14:19
Updated-05 Aug, 2024 | 00:12
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Several Ricoh printers have multiple buffer overflows parsing HTTP parameter settings for Wi-Fi, mDNS, POP3, SMTP, and notification alerts, which allow an attacker to cause a denial of service or code execution via crafted requests to the web server. Affected firmware versions depend on the printer models. One affected configuration is cpe:2.3:o:ricoh:sp_c250dn_firmware:-:*:*:*:*:*:*:* up to (including) 1.06 running on cpe:2.3:o:ricoh:sp_c250dn:-:*:*:*:*:*:*:*, cpe:2.3:o:ricoh:sp_c252dn:-:*:*:*:*:*:*:*. Another affected configuration is cpe:2.3:o:ricoh:sp_c250sf_firmware:-:*:*:*:*:*:*:* up to (including) 1.12 running on cpe:2.3:o:ricoh:sp_c250sf:-:*:*:*:*:*:*:*, cpe:2.3:o:ricoh:sp_c252sf:-:*:*:*:*:*:*:*.

Action-Not Available
Vendor-n/aRicoh Company, Ltd.
Product-sp_c250sfsp_c252sf_firmwaresp_c252sfsp_c250sf_firmwaresp_c250dnsp_c252dnsp_c252dn_firmwaresp_c250dn_firmwaren/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2024-11959
Matching Score-4
Assigner-VulDB
ShareView Details
Matching Score-4
Assigner-VulDB
CVSS Score-8.7||HIGH
EPSS-0.78% / 72.81%
||
7 Day CHG+0.08%
Published-28 Nov, 2024 | 14:31
Updated-04 Dec, 2024 | 16:52
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
D-Link DIR-605L formResetStatistic buffer overflow

A vulnerability was found in D-Link DIR-605L 2.13B01. It has been classified as critical. This affects the function formResetStatistic of the file /goform/formResetStatistic. The manipulation of the argument curTime leads to buffer overflow. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used.

Action-Not Available
Vendor-D-Link Corporation
Product-dir-605l_firmwaredir-605lDIR-605Ldir-605l
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2008-1358
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-6.5||MEDIUM
EPSS-76.23% / 98.88%
||
7 Day CHG~0.00%
Published-17 Mar, 2008 | 17:00
Updated-07 Aug, 2024 | 08:17
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Stack-based buffer overflow in the IMAP server in Alt-N Technologies MDaemon 9.6.4 allows remote authenticated users to execute arbitrary code via a FETCH command with a long BODY.

Action-Not Available
Vendor-altnn/a
Product-mdaemonn/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2024-12344
Matching Score-4
Assigner-VulDB
ShareView Details
Matching Score-4
Assigner-VulDB
CVSS Score-5.3||MEDIUM
EPSS-1.34% / 79.23%
||
7 Day CHG+0.06%
Published-08 Dec, 2024 | 23:00
Updated-10 Dec, 2024 | 23:28
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
TP-Link VN020 F3v(T) FTP USER Command memory corruption

A vulnerability, which was classified as critical, was found in TP-Link VN020 F3v(T) TT_V6.2.1021. This affects an unknown part of the component FTP USER Command Handler. The manipulation leads to memory corruption. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used.

Action-Not Available
Vendor-TP-Link Systems Inc.
Product-vn020_f3vvn020_f3v_firmwareVN020 F3v(T)
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CWE ID-CWE-787
Out-of-bounds Write
CVE-2024-11047
Matching Score-4
Assigner-VulDB
ShareView Details
Matching Score-4
Assigner-VulDB
CVSS Score-8.7||HIGH
EPSS-0.20% / 41.90%
||
7 Day CHG+0.05%
Published-10 Nov, 2024 | 03:31
Updated-13 Nov, 2024 | 20:56
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
D-Link DI-8003 upgrade_filter.asp upgrade_filter_asp stack-based overflow

A vulnerability was found in D-Link DI-8003 16.07.16A1. It has been declared as critical. Affected by this vulnerability is the function upgrade_filter_asp of the file /upgrade_filter.asp. The manipulation of the argument path leads to stack-based buffer overflow. The attack can be launched remotely. The exploit has been disclosed to the public and may be used.

Action-Not Available
Vendor-D-Link Corporation
Product-di-8003_firmwaredi-8003DI-8003di-8003_firmware
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CWE ID-CWE-121
Stack-based Buffer Overflow
CVE-2024-11048
Matching Score-4
Assigner-VulDB
ShareView Details
Matching Score-4
Assigner-VulDB
CVSS Score-8.7||HIGH
EPSS-0.20% / 42.68%
||
7 Day CHG+0.05%
Published-10 Nov, 2024 | 04:00
Updated-13 Nov, 2024 | 20:53
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
D-Link DI-8003 dbsrv.asp dbsrv_asp stack-based overflow

A vulnerability was found in D-Link DI-8003 16.07.16A1. It has been rated as critical. Affected by this issue is the function dbsrv_asp of the file /dbsrv.asp. The manipulation of the argument str leads to stack-based buffer overflow. The attack may be launched remotely. The exploit has been disclosed to the public and may be used.

Action-Not Available
Vendor-D-Link Corporation
Product-di-8003_firmwaredi-8003DI-8003di-8003_firmware
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CWE ID-CWE-121
Stack-based Buffer Overflow
CVE-2017-14879
Matching Score-4
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-4
Assigner-Qualcomm, Inc.
CVSS Score-8.8||HIGH
EPSS-0.08% / 25.38%
||
7 Day CHG~0.00%
Published-10 Jan, 2018 | 22:00
Updated-16 Sep, 2024 | 22:08
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In Android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, by calling an IPA ioctl and searching for routing/filer/hdr rule handle from ipa_idr pointer using ipa_idr_find() function, the wrong structure pointer can be returned resulting in a slab out of bound access in the IPA driver.

Action-Not Available
Vendor-Qualcomm Technologies, Inc.Google LLC
Product-androidAndroid for MSM, Firefox OS for MSM, QRD Android
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2025-5215
Matching Score-4
Assigner-VulDB
ShareView Details
Matching Score-4
Assigner-VulDB
CVSS Score-8.7||HIGH
EPSS-0.11% / 29.35%
||
7 Day CHG~0.00%
Published-27 May, 2025 | 00:00
Updated-05 Jun, 2025 | 15:59
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
D-Link DCS-5020L ptdc.cgi websReadEvent stack-based overflow

A vulnerability classified as critical has been found in D-Link DCS-5020L 1.01_B2. This affects the function websReadEvent of the file /rame/ptdc.cgi. The manipulation of the argument Authorization leads to stack-based buffer overflow. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. This vulnerability only affects products that are no longer supported by the maintainer.

Action-Not Available
Vendor-D-Link Corporation
Product-dcs-5020l_firmwaredcs-5020lDCS-5020L
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CWE ID-CWE-121
Stack-based Buffer Overflow
CWE ID-CWE-787
Out-of-bounds Write
CVE-2024-11248
Matching Score-4
Assigner-VulDB
ShareView Details
Matching Score-4
Assigner-VulDB
CVSS Score-8.7||HIGH
EPSS-0.33% / 54.86%
||
7 Day CHG~0.00%
Published-15 Nov, 2024 | 17:00
Updated-19 Nov, 2024 | 21:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Tenda AC10 SetSysAutoRebbotCfg formSetRebootTimer stack-based overflow

A vulnerability was found in Tenda AC10 16.03.10.13 and classified as critical. Affected by this issue is the function formSetRebootTimer of the file /goform/SetSysAutoRebbotCfg. The manipulation of the argument rebootTime leads to stack-based buffer overflow. The attack may be launched remotely. The exploit has been disclosed to the public and may be used.

Action-Not Available
Vendor-Tenda Technology Co., Ltd.
Product-ac10ac10_firmwareAC10ac10_firmware
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CWE ID-CWE-121
Stack-based Buffer Overflow
CVE-2025-5080
Matching Score-4
Assigner-VulDB
ShareView Details
Matching Score-4
Assigner-VulDB
CVSS Score-8.7||HIGH
EPSS-0.12% / 32.50%
||
7 Day CHG~0.00%
Published-22 May, 2025 | 15:00
Updated-20 Jun, 2025 | 16:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Tenda FH451 webExcptypemanFilter stack-based overflow

A vulnerability classified as critical has been found in Tenda FH451 1.0.0.9. Affected is the function webExcptypemanFilter of the file /goform/webExcptypemanFilter. The manipulation of the argument page leads to stack-based buffer overflow. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used.

Action-Not Available
Vendor-Tenda Technology Co., Ltd.
Product-fh451_firmwarefh451FH451
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CWE ID-CWE-121
Stack-based Buffer Overflow
CWE ID-CWE-787
Out-of-bounds Write
CVE-2024-11061
Matching Score-4
Assigner-VulDB
ShareView Details
Matching Score-4
Assigner-VulDB
CVSS Score-8.7||HIGH
EPSS-0.83% / 73.59%
||
7 Day CHG+0.06%
Published-11 Nov, 2024 | 00:31
Updated-13 Nov, 2024 | 23:04
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Tenda AC10 fast_setting_wifi_set FUN_0044db3c stack-based overflow

A vulnerability classified as critical was found in Tenda AC10 16.03.10.13. Affected by this vulnerability is the function FUN_0044db3c of the file /goform/fast_setting_wifi_set. The manipulation of the argument timeZone leads to stack-based buffer overflow. The attack can be launched remotely. The exploit has been disclosed to the public and may be used.

Action-Not Available
Vendor-Tenda Technology Co., Ltd.
Product-ac10ac10_firmwareAC10ac10_firmware
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CWE ID-CWE-121
Stack-based Buffer Overflow
CVE-2024-10964
Matching Score-4
Assigner-VulDB
ShareView Details
Matching Score-4
Assigner-VulDB
CVSS Score-5.3||MEDIUM
EPSS-0.40% / 60.10%
||
7 Day CHG+0.03%
Published-07 Nov, 2024 | 17:00
Updated-26 Nov, 2024 | 01:36
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
emqx neuron plugin_handle.c handle_add_plugin buffer overflow

A vulnerability classified as critical has been found in emqx neuron up to 2.10.0. Affected is the function handle_add_plugin in the library cmd.library of the file plugins/restful/plugin_handle.c. The manipulation leads to buffer overflow. It is possible to launch the attack remotely. It is recommended to apply a patch to fix this issue.

Action-Not Available
Vendor-emqxemqxemqx
Product-neuronneuronneuron
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2025-4835
Matching Score-4
Assigner-VulDB
ShareView Details
Matching Score-4
Assigner-VulDB
CVSS Score-8.7||HIGH
EPSS-0.17% / 38.23%
||
7 Day CHG~0.00%
Published-17 May, 2025 | 19:31
Updated-19 May, 2025 | 14:42
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
TOTOLINK A702R/A3002R/A3002RU HTTP POST Request formWlanRedirect buffer overflow

A vulnerability was found in TOTOLINK A702R, A3002R and A3002RU 3.0.0-B20230809.1615. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file /boafrm/formWlanRedirect of the component HTTP POST Request Handler. The manipulation of the argument redirect-url leads to buffer overflow. The attack can be launched remotely. The exploit has been disclosed to the public and may be used.

Action-Not Available
Vendor-TOTOLINK
Product-A3002RA3002RUA702R
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2025-4810
Matching Score-4
Assigner-VulDB
ShareView Details
Matching Score-4
Assigner-VulDB
CVSS Score-8.7||HIGH
EPSS-0.11% / 29.43%
||
7 Day CHG~0.00%
Published-16 May, 2025 | 20:31
Updated-24 May, 2025 | 01:12
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Tenda AC7 SetRebootTimer formSetRebootTimer stack-based overflow

A vulnerability was found in Tenda AC7 15.03.06.44. It has been declared as critical. Affected by this vulnerability is the function formSetRebootTimer of the file /goform/SetRebootTimer. The manipulation of the argument reboot_time leads to stack-based buffer overflow. The attack can be launched remotely. The exploit has been disclosed to the public and may be used.

Action-Not Available
Vendor-Tenda Technology Co., Ltd.
Product-ac7ac7_firmwareAC7
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CWE ID-CWE-121
Stack-based Buffer Overflow
CWE ID-CWE-787
Out-of-bounds Write
CVE-2025-4825
Matching Score-4
Assigner-VulDB
ShareView Details
Matching Score-4
Assigner-VulDB
CVSS Score-8.7||HIGH
EPSS-0.17% / 38.23%
||
7 Day CHG~0.00%
Published-17 May, 2025 | 10:07
Updated-19 May, 2025 | 15:23
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
TOTOLINK A702R/A3002R/A3002RU HTTP POST Request formDMZ buffer overflow

A vulnerability classified as critical was found in TOTOLINK A702R, A3002R and A3002RU 3.0.0-B20230809.1615. This vulnerability affects unknown code of the file /boafrm/formDMZ of the component HTTP POST Request Handler. The manipulation of the argument submit-url leads to buffer overflow. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used.

Action-Not Available
Vendor-TOTOLINK
Product-A3002RA3002RUA702R
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2024-11056
Matching Score-4
Assigner-VulDB
ShareView Details
Matching Score-4
Assigner-VulDB
CVSS Score-8.7||HIGH
EPSS-0.50% / 65.08%
||
7 Day CHG+0.04%
Published-10 Nov, 2024 | 16:31
Updated-14 Nov, 2024 | 15:21
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Tenda AC10 WifiExtraSet FUN_0046AC38 stack-based overflow

A vulnerability, which was classified as critical, was found in Tenda AC10 16.03.10.13. Affected is the function FUN_0046AC38 of the file /goform/WifiExtraSet. The manipulation of the argument wpapsk_crypto leads to stack-based buffer overflow. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used.

Action-Not Available
Vendor-Tenda Technology Co., Ltd.
Product-ac10ac10_firmwareAC10ac10_firmware
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CWE ID-CWE-121
Stack-based Buffer Overflow
CVE-2025-4834
Matching Score-4
Assigner-VulDB
ShareView Details
Matching Score-4
Assigner-VulDB
CVSS Score-8.7||HIGH
EPSS-0.17% / 38.23%
||
7 Day CHG~0.00%
Published-17 May, 2025 | 19:00
Updated-19 May, 2025 | 14:43
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
TOTOLINK A702R/A3002R/A3002RU HTTP POST Request formSetLg buffer overflow

A vulnerability was found in TOTOLINK A702R, A3002R and A3002RU 3.0.0-B20230809.1615. It has been classified as critical. Affected is an unknown function of the file /boafrm/formSetLg of the component HTTP POST Request Handler. The manipulation of the argument submit-url leads to buffer overflow. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used.

Action-Not Available
Vendor-TOTOLINK
Product-A3002RA3002RUA702R
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2025-4832
Matching Score-4
Assigner-VulDB
ShareView Details
Matching Score-4
Assigner-VulDB
CVSS Score-8.7||HIGH
EPSS-0.17% / 38.23%
||
7 Day CHG~0.00%
Published-17 May, 2025 | 17:00
Updated-19 May, 2025 | 15:23
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
TOTOLINK A702R/A3002R/A3002RU HTTP POST Request formDosCfg buffer overflow

A vulnerability has been found in TOTOLINK A702R, A3002R and A3002RU 3.0.0-B20230809.1615 and classified as critical. This vulnerability affects unknown code of the file /boafrm/formDosCfg of the component HTTP POST Request Handler. The manipulation of the argument submit-url leads to buffer overflow. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used.

Action-Not Available
Vendor-TOTOLINK
Product-A3002RA3002RUA702R
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2025-4827
Matching Score-4
Assigner-VulDB
ShareView Details
Matching Score-4
Assigner-VulDB
CVSS Score-8.7||HIGH
EPSS-0.17% / 38.23%
||
7 Day CHG~0.00%
Published-17 May, 2025 | 14:49
Updated-19 May, 2025 | 14:48
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
TOTOLINK A702R/A3002R/A3002RU HTTP POST Request formSaveConfig buffer overflow

A vulnerability, which was classified as critical, was found in TOTOLINK A702R, A3002R and A3002RU 3.0.0-B20230809.1615. Affected is an unknown function of the file /boafrm/formSaveConfig of the component HTTP POST Request Handler. The manipulation of the argument submit-url leads to buffer overflow. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used.

Action-Not Available
Vendor-TOTOLINK
Product-A3002RA3002RUA702R
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2025-4841
Matching Score-4
Assigner-VulDB
ShareView Details
Matching Score-4
Assigner-VulDB
CVSS Score-8.7||HIGH
EPSS-0.06% / 17.23%
||
7 Day CHG~0.00%
Published-17 May, 2025 | 22:31
Updated-03 Jun, 2025 | 15:57
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
D-Link DCS-932L gpio sub_404780 stack-based overflow

A vulnerability was found in D-Link DCS-932L 2.18.01 and classified as critical. Affected by this issue is the function sub_404780 of the file /bin/gpio. The manipulation of the argument CameraName leads to stack-based buffer overflow. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. This vulnerability only affects products that are no longer supported by the maintainer.

Action-Not Available
Vendor-D-Link Corporation
Product-dcs-932ldcs-932l_firmwareDCS-932L
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CWE ID-CWE-121
Stack-based Buffer Overflow
CWE ID-CWE-787
Out-of-bounds Write
CVE-2025-3161
Matching Score-4
Assigner-VulDB
ShareView Details
Matching Score-4
Assigner-VulDB
CVSS Score-8.7||HIGH
EPSS-0.10% / 28.98%
||
7 Day CHG~0.00%
Published-03 Apr, 2025 | 14:31
Updated-07 Apr, 2025 | 14:18
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Tenda AC10 ShutdownSetAdd stack-based overflow

A vulnerability was found in Tenda AC10 16.03.10.13 and classified as critical. This issue affects the function ShutdownSetAdd of the file /goform/ShutdownSetAdd. The manipulation of the argument list leads to stack-based buffer overflow. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used.

Action-Not Available
Vendor-Tenda Technology Co., Ltd.
Product-AC10
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CWE ID-CWE-121
Stack-based Buffer Overflow
CVE-2017-14452
Matching Score-4
Assigner-Talos
ShareView Details
Matching Score-4
Assigner-Talos
CVSS Score-8.5||HIGH
EPSS-0.38% / 58.82%
||
7 Day CHG~0.00%
Published-23 Aug, 2018 | 18:00
Updated-17 Sep, 2024 | 04:28
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An exploitable buffer overflow vulnerability exists in the PubNub message handler for the "control" channel of Insteon Hub running firmware version 1012. Specially crafted replies received from the PubNub service can cause buffer overflows on a global section overwriting arbitrary data. A strcpy overflows the buffer insteon_pubnub.channel_cc_r, which has a size of 16 bytes. An attacker can send an arbitrarily long "c_r" parameter in order to exploit this vulnerability. An attacker should impersonate PubNub and answer an HTTPS GET request to trigger this vulnerability.

Action-Not Available
Vendor-Insteon Technologies, Inc
Product-hub_firmwarehubInsteon Hub 2245-222
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2017-14453
Matching Score-4
Assigner-Talos
ShareView Details
Matching Score-4
Assigner-Talos
CVSS Score-8.5||HIGH
EPSS-0.40% / 59.56%
||
7 Day CHG~0.00%
Published-23 Aug, 2018 | 15:00
Updated-16 Sep, 2024 | 20:47
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

On Insteon Hub 2245-222 devices with firmware version 1012, specially crafted replies received from the PubNub service can cause buffer overflows on a global section overwriting arbitrary data. An attacker should impersonate PubNub and answer an HTTPS GET request to trigger this vulnerability. A strcpy overflows the buffer insteon_pubnub.channel_ad_r, which has a size of 16 bytes. An attacker can send an arbitrarily long "ad_r" parameter in order to exploit this vulnerability.

Action-Not Available
Vendor-Insteon Technologies, Inc
Product-hub_2245-222hub_2245-222_firmwareInsteon Hub 2245-222
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2017-13772
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-8.8||HIGH
EPSS-68.85% / 98.56%
||
7 Day CHG~0.00%
Published-23 Oct, 2017 | 18:00
Updated-20 Apr, 2025 | 01:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Multiple stack-based buffer overflows in TP-Link WR940N WiFi routers with hardware version 4 allow remote authenticated users to execute arbitrary code via the (1) ping_addr parameter to PingIframeRpm.htm or (2) dnsserver2 parameter to WanStaticIpV6CfgRpm.htm.

Action-Not Available
Vendor-n/aTP-Link Systems Inc.
Product-wr940nwr940n_firmwaren/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2025-4733
Matching Score-4
Assigner-VulDB
ShareView Details
Matching Score-4
Assigner-VulDB
CVSS Score-8.7||HIGH
EPSS-0.17% / 38.23%
||
7 Day CHG~0.00%
Published-16 May, 2025 | 00:31
Updated-20 Jun, 2025 | 14:09
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
TOTOLINK A3002R/A3002RU HTTP POST Request formIpQoS buffer overflow

A vulnerability, which was classified as critical, has been found in TOTOLINK A3002R and A3002RU 3.0.0-B20230809.1615. This issue affects some unknown processing of the file /boafrm/formIpQoS of the component HTTP POST Request Handler. The manipulation of the argument mac leads to buffer overflow. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used.

Action-Not Available
Vendor-TOTOLINK
Product-a3002rua3002ru_firmwarea3002ra3002r_firmwareA3002RA3002RU
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2018-4407
Matching Score-4
Assigner-Apple Inc.
ShareView Details
Matching Score-4
Assigner-Apple Inc.
CVSS Score-8.8||HIGH
EPSS-90.88% / 99.61%
||
7 Day CHG~0.00%
Published-03 Apr, 2019 | 00:00
Updated-05 Aug, 2024 | 05:11
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A memory corruption issue was addressed with improved validation. This issue affected versions prior to iOS 12, macOS Mojave 10.14, tvOS 12, watchOS 5.

Action-Not Available
Vendor-n/aApple Inc.
Product-mac_os_xiphone_oswatchostvosiOS, macOS, tvOS, watchOS
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2007-5464
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-6.5||MEDIUM
EPSS-12.98% / 93.80%
||
7 Day CHG~0.00%
Published-15 Oct, 2007 | 22:00
Updated-07 Aug, 2024 | 15:31
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Stack-based buffer overflow in Live for Speed 0.5X10 and earlier allows remote authenticated users to cause a denial of service (client crash) and possibly execute arbitrary code via a long skin name.

Action-Not Available
Vendor-lfsn/a
Product-live_for_speedn/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2017-12420
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-8.8||HIGH
EPSS-1.95% / 82.71%
||
7 Day CHG~0.00%
Published-18 Aug, 2017 | 17:00
Updated-20 Apr, 2025 | 01:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Heap-based buffer overflow in the SMB implementation in NetApp Clustered Data ONTAP before 8.3.2P8 and 9.0 before P2 allows remote authenticated users to cause a denial of service or execute arbitrary code.

Action-Not Available
Vendor-n/aNetApp, Inc.
Product-clustered_data_ontapn/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2017-1274
Matching Score-4
Assigner-IBM Corporation
ShareView Details
Matching Score-4
Assigner-IBM Corporation
CVSS Score-8.8||HIGH
EPSS-17.77% / 94.87%
||
7 Day CHG~0.00%
Published-25 Apr, 2017 | 18:00
Updated-20 Apr, 2025 | 01:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

IBM Domino 8.5.3, and 9.0 is vulnerable to a stack based overflow in the IMAP service that could allow an authenticated attacker to execute arbitrary code by specifying a large mailbox name. IBM X-Force ID: 124749.

Action-Not Available
Vendor-IBM Corporation
Product-dominoDomino
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2018-3951
Matching Score-4
Assigner-Talos
ShareView Details
Matching Score-4
Assigner-Talos
CVSS Score-7.2||HIGH
EPSS-10.16% / 92.82%
||
7 Day CHG~0.00%
Published-01 Dec, 2018 | 06:00
Updated-17 Sep, 2024 | 01:35
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An exploitable remote code execution vulnerability exists in the HTTP header-parsing function of the TP-Link TL-R600VPN HTTP Server. A specially crafted HTTP request can cause a buffer overflow, resulting in remote code execution on the device. An attacker can send an authenticated HTTP request to trigger this vulnerability.

Action-Not Available
Vendor-Talos (Cisco Systems, Inc.)TP-Link Systems Inc.
Product-tl-r600vpn_firmwaretl-r600vpnTP-Link
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2025-4731
Matching Score-4
Assigner-VulDB
ShareView Details
Matching Score-4
Assigner-VulDB
CVSS Score-8.7||HIGH
EPSS-0.17% / 38.23%
||
7 Day CHG~0.00%
Published-16 May, 2025 | 00:00
Updated-20 Jun, 2025 | 14:09
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
TOTOLINK A3002R/A3002RU HTTP POST Request formPortFw buffer overflow

A vulnerability classified as critical has been found in TOTOLINK A3002R and A3002RU 3.0.0-B20230809.1615. This affects an unknown part of the file /boafrm/formPortFw of the component HTTP POST Request Handler. The manipulation of the argument service_type/ip_subnet leads to buffer overflow. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used.

Action-Not Available
Vendor-TOTOLINK
Product-a3002rua3002ru_firmwarea3002ra3002r_firmwareA3002RA3002RU
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2016-9577
Matching Score-4
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-4
Assigner-Red Hat, Inc.
CVSS Score-7.5||HIGH
EPSS-3.86% / 87.76%
||
7 Day CHG~0.00%
Published-27 Jul, 2018 | 20:00
Updated-06 Aug, 2024 | 02:59
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability was discovered in SPICE before 0.13.90 in the server's protocol handling. An authenticated attacker could send crafted messages to the SPICE server causing a heap overflow leading to a crash or possible code execution.

Action-Not Available
Vendor-spice_projectDebian GNU/LinuxRed Hat, Inc.
Product-enterprise_linux_serverdebian_linuxenterprise_linux_server_eusenterprise_linux_server_ausenterprise_linux_workstationspiceenterprise_linux_desktopspice
CWE ID-CWE-122
Heap-based Buffer Overflow
CWE ID-CWE-20
Improper Input Validation
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2007-3925
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-6.5||MEDIUM
EPSS-89.93% / 99.55%
||
7 Day CHG~0.00%
Published-21 Jul, 2007 | 00:00
Updated-07 Aug, 2024 | 14:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Multiple buffer overflows in the IMAP service (imapd32.exe) in Ipswitch IMail Server 2006 before 2006.21 allow remote authenticated users to execute arbitrary code via the (1) Search or (2) Search Charset command.

Action-Not Available
Vendor-n/aIpswitch, Inc.
Product-imail_serveripswitch_collaboration_suiten/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2017-3807
Matching Score-4
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-4
Assigner-Cisco Systems, Inc.
CVSS Score-8.8||HIGH
EPSS-15.27% / 94.35%
||
7 Day CHG~0.00%
Published-09 Feb, 2017 | 17:00
Updated-20 Apr, 2025 | 01:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability in Common Internet Filesystem (CIFS) code in the Clientless SSL VPN functionality of Cisco ASA Software, Major Releases 9.0-9.6, could allow an authenticated, remote attacker to cause a heap overflow. The vulnerability is due to insufficient validation of user supplied input. An attacker could exploit this vulnerability by sending a crafted URL to the affected system. An exploit could allow the remote attacker to cause a reload of the affected system or potentially execute code. Note: Only traffic directed to the affected system can be used to exploit this vulnerability. This vulnerability affects systems configured in routed firewall mode only and in single or multiple context mode. This vulnerability can be triggered by IPv4 or IPv6 traffic. A valid TCP connection is needed to perform the attack. The attacker needs to have valid credentials to log in to the Clientless SSL VPN portal. Vulnerable Cisco ASA Software running on the following products may be affected by this vulnerability: Cisco ASA 5500 Series Adaptive Security Appliances, Cisco ASA 5500-X Series Next-Generation Firewalls, Cisco Adaptive Security Virtual Appliance (ASAv), Cisco ASA for Firepower 9300 Series, Cisco ASA for Firepower 4100 Series. Cisco Bug IDs: CSCvc23838.

Action-Not Available
Vendor-n/aCisco Systems, Inc.
Product-adaptive_security_appliance_softwareCisco ASA Software with Clientless SSL VPN portal is enabled Major Releases 9.0-9.6
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2025-4448
Matching Score-4
Assigner-VulDB
ShareView Details
Matching Score-4
Assigner-VulDB
CVSS Score-8.7||HIGH
EPSS-0.06% / 18.28%
||
7 Day CHG~0.00%
Published-09 May, 2025 | 00:31
Updated-13 May, 2025 | 20:22
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
D-Link DIR-619L formEasySetupWizard buffer overflow

A vulnerability classified as critical was found in D-Link DIR-619L 2.04B04. This vulnerability affects the function formEasySetupWizard. The manipulation of the argument curTime leads to buffer overflow. The attack can be initiated remotely. The vendor was contacted early about this disclosure. This vulnerability only affects products that are no longer supported by the maintainer.

Action-Not Available
Vendor-D-Link Corporation
Product-dir-619ldir-619l_firmwareDIR-619L
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2007-0270
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-6.5||MEDIUM
EPSS-15.80% / 94.47%
||
7 Day CHG~0.00%
Published-17 Jan, 2007 | 02:00
Updated-07 Aug, 2024 | 12:12
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Buffer overflow in SYS.DBMS_DRS in Oracle Database 9.2.0.7 and 10.1.0.4 allows remote authenticated users to cause a denial of service (crash) or execute arbitrary code via the GET_PROPERTY function in SYS.DBMS_DRS, aka DB03.

Action-Not Available
Vendor-n/aOracle Corporation
Product-database_servern/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2012-0806
Matching Score-4
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-4
Assigner-Red Hat, Inc.
CVSS Score-6.5||MEDIUM
EPSS-4.52% / 88.72%
||
7 Day CHG~0.00%
Published-27 Jan, 2012 | 00:00
Updated-11 Apr, 2025 | 00:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Buffer overflow in Bip 0.8.8 and earlier might allow remote authenticated users to execute arbitrary code via vectors involving a series of TCP connections that triggers use of many open file descriptors.

Action-Not Available
Vendor-duckcorpn/a
Product-bipn/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2025-3991
Matching Score-4
Assigner-VulDB
ShareView Details
Matching Score-4
Assigner-VulDB
CVSS Score-8.7||HIGH
EPSS-0.22% / 44.30%
||
7 Day CHG+0.05%
Published-27 Apr, 2025 | 23:31
Updated-12 May, 2025 | 19:31
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
TOTOLINK N150RT formWdsEncrypt buffer overflow

A vulnerability, which was classified as critical, was found in TOTOLINK N150RT 3.4.0-B20190525. This affects an unknown part of the file /boafrm/formWdsEncrypt. The manipulation of the argument submit-url leads to buffer overflow. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used.

Action-Not Available
Vendor-TOTOLINK
Product-n150rtn150rt_firmwareN150RT
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2025-4150
Matching Score-4
Assigner-VulDB
ShareView Details
Matching Score-4
Assigner-VulDB
CVSS Score-8.7||HIGH
EPSS-0.26% / 49.65%
||
7 Day CHG~0.00%
Published-01 May, 2025 | 04:31
Updated-13 May, 2025 | 20:27
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Netgear EX6200 sub_54340 buffer overflow

A vulnerability was found in Netgear EX6200 1.0.3.94. It has been declared as critical. This vulnerability affects the function sub_54340. The manipulation of the argument host leads to buffer overflow. The attack can be initiated remotely. The vendor was contacted early about this disclosure but did not respond in any way.

Action-Not Available
Vendor-NETGEAR, Inc.
Product-ex6200ex6200_firmwareEX6200
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
  • Previous
  • 1
  • 2
  • 3
  • 4
  • 5
  • 6
  • Next
Details not found