ByteOS Network

Vulnerability Details :

CVE-2019-16641

Assigner-mitre

Assigner Org ID-8254265b-2729-46b6-b9e3-3dfca2d5bfca

Published At-16 Jul, 2024 | 00:00

Updated At-12 Aug, 2024 | 17:53

An issue was found on the Ruijie EG-2000 series gateway. There is a buffer overflow in client.so. Consequently, an attacker can use login.php to login to any account, without providing its password. This affects EG-2000SE EG_RGOS 11.1(1)B1.

EPSS History

Score

Latest Score

N/A

Percentile

Latest Percentile

N/A

▼Common Vulnerabilities and Exposures (CVE)

cve.org

Assigner:mitre

Assigner Org ID:8254265b-2729-46b6-b9e3-3dfca2d5bfca

Published At:16 Jul, 2024 | 00:00

Updated At:12 Aug, 2024 | 17:53

▼CVE Numbering Authority (CNA)

Affected Products

Vendor

n/a

Product

n/a

Versions

Affected

Problem Types

Type	CWE ID	Description
text	N/A	n/a

Type: text

CWE ID: N/A

Description: n/a

References

Hyperlink	Resource
https://0x.mk/?p=239	N/A

Hyperlink: https://0x.mk/?p=239

Resource: N/A

▼Authorized Data Publishers (ADP)

1. CVE Program Container

References

Hyperlink	Resource
https://0x.mk/?p=239	x_transferred

Hyperlink: https://0x.mk/?p=239

Resource:

x_transferred

2. CISA ADP Vulnrichment

Affected Products

Vendor

Ruijie Networks Co., Ltd.

Product

eg-2000se_eg_rgos_firmware

CPEs

cpe:2.3:o:ruijie:eg-2000se_eg_rgos_firmware:11.1\(1\)b1:*:*:*:*:*:*:*

Default Status

unknown

Versions

Affected

11.1\(1\)b1

Problem Types

Type	CWE ID	Description
CWE	CWE-121	CWE-121 Stack-based Buffer Overflow

Type: CWE

CWE ID: CWE-121

Description: CWE-121 Stack-based Buffer Overflow

Metrics

Version	Base score	Base severity	Vector
3.1	8.4	HIGH	CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Version: 3.1

Base score: 8.4

Base severity: HIGH

Vector:

CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Metrics Other Info

▼National Vulnerability Database (NVD)

nvd.nist.gov

Source:cve@mitre.org

Published At:16 Jul, 2024 | 17:15

Updated At:09 Jul, 2025 | 16:59

Date Added	Due Date	Vulnerability Name	Required Action
	N/A

Metrics

Type	Version	Base score	Base severity	Vector
Secondary	3.1	8.4	HIGH	CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Type: Secondary

Version: 3.1

Base score: 8.4

Base severity: HIGH

Vector:

CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

CPE Matches

Ruijie Networks Co., Ltd.

>>eg-2000se_firmware>>11.1\(1\)b1

cpe:2.3:o:ruijie:eg-2000se_firmware:11.1\(1\)b1:*:*:*:*:*:*:*

Ruijie Networks Co., Ltd.

>>eg-2000se>>-

cpe:2.3:h:ruijie:eg-2000se:-:*:*:*:*:*:*:*

Weaknesses

CWE ID	Type	Source
CWE-121	Secondary	134c704f-9b21-4f2e-91b3-4a467353bcc0

CWE ID: CWE-121

Type: Secondary

Source: 134c704f-9b21-4f2e-91b3-4a467353bcc0

References

Hyperlink	Source	Resource
https://0x.mk/?p=239	cve@mitre.org	Third Party Advisory Exploit
https://0x.mk/?p=239	af854a3a-2127-422b-91ae-364da2661108	Third Party Advisory Exploit

Hyperlink: https://0x.mk/?p=239

Source: cve@mitre.org

Resource:

Third Party Advisory

Exploit

Hyperlink: https://0x.mk/?p=239

Source: af854a3a-2127-422b-91ae-364da2661108

Resource:

Third Party Advisory

Exploit

Similar CVEs

15Records found

CVE-2013-2597

Matching Score-4

Assigner-MITRE Corporation

View Details

Matching Score-4

Assigner-MITRE Corporation

CVSS Score-8.4||HIGH

EPSS-4.61% / 88.83%

7 Day CHG~0.00%

Published-31 Aug, 2014 | 10:00

Updated-27 Aug, 2025 | 20:32

Known KEV||Action Due Date - 2022-10-06||Apply updates per vendor instructions.

Stack-based buffer overflow in the acdb_ioctl function in audio_acdb.c in the acdb audio driver for the Linux kernel 2.6.x and 3.x, as used in Qualcomm Innovation Center (QuIC) Android contributions for MSM devices and other products, allows attackers to gain privileges via an application that leverages /dev/msm_acdb access and provides a large size value in an ioctl argument.

Vendor-codeaurora n/a Code Aurora

Product-android-msm n/a ACDB Audio Driver

CWE ID-CWE-121

Stack-based Buffer Overflow

CWE ID-CWE-119

Improper Restriction of Operations within the Bounds of a Memory Buffer

CVE-2024-37984

Matching Score-4

Assigner-Microsoft Corporation

View Details

Matching Score-4

Assigner-Microsoft Corporation

CVSS Score-8.4||HIGH

EPSS-1.05% / 76.60%

7 Day CHG~0.00%

Published-09 Jul, 2024 | 17:03

Updated-05 May, 2025 | 17:01

Secure Boot Security Feature Bypass Vulnerability

CWE ID-CWE-121

Stack-based Buffer Overflow

CVE-2024-36600

Matching Score-4

Assigner-MITRE Corporation

View Details

Matching Score-4

Assigner-MITRE Corporation

CVSS Score-8.4||HIGH

EPSS-0.08% / 25.00%

7 Day CHG~0.00%

Published-14 Jun, 2024 | 00:00

Updated-20 Jun, 2025 | 19:00

Buffer Overflow Vulnerability in libcdio v2.1.0 allows an attacker to execute arbitrary code via a crafted ISO 9660 image file.

Vendor-n/a GNU

Product-libcdio n/a libcdio

CWE ID-CWE-121

Stack-based Buffer Overflow

CVE-2024-35333

Matching Score-4

Assigner-MITRE Corporation

View Details

Matching Score-4

Assigner-MITRE Corporation

CVSS Score-8.4||HIGH

EPSS-0.18% / 39.61%

7 Day CHG~0.00%

Published-29 May, 2024 | 15:12

Updated-13 Feb, 2025 | 15:54

A stack-buffer-overflow vulnerability exists in the read_charset_decl function of html2xhtml 1.3. This vulnerability occurs due to improper bounds checking when copying data into a fixed-size stack buffer. An attacker can exploit this vulnerability by providing a specially crafted input to the vulnerable function, causing a buffer overflow and potentially leading to arbitrary code execution, denial of service, or data corruption.

Vendor-n/a html2xhtml_project

Product-n/a html2xhtml

CWE ID-CWE-121

Stack-based Buffer Overflow

CVE-2024-28582

Matching Score-4

Assigner-MITRE Corporation

View Details

Matching Score-4

Assigner-MITRE Corporation

CVSS Score-8.4||HIGH

EPSS-0.06% / 17.28%

7 Day CHG~0.00%

Published-20 Mar, 2024 | 00:00

Updated-28 Mar, 2025 | 14:48

Buffer Overflow vulnerability in open source FreeImage v.3.19.0 [r1909] allows a local attacker to execute arbitrary code via the rgbe_RGBEToFloat() function when reading images in HDR format.

Vendor-freeimage_project n/a freeimage_project

Product-freeimage n/a freeimage

CWE ID-CWE-121

Stack-based Buffer Overflow

CVE-2024-28580

Matching Score-4

Assigner-MITRE Corporation

View Details

Matching Score-4

Assigner-MITRE Corporation

CVSS Score-8.4||HIGH

EPSS-0.05% / 16.60%

7 Day CHG~0.00%

Published-20 Mar, 2024 | 00:00

Updated-28 Mar, 2025 | 14:48

Buffer Overflow vulnerability in open source FreeImage v.3.19.0 [r1909] allows a local attacker to execute arbitrary code via the ReadData() function when reading images in RAS format.

Vendor-freeimage_project n/a freeimage_project

Product-freeimage n/a freeimage

CWE ID-CWE-121

Stack-based Buffer Overflow

CVE-2024-25391

Matching Score-4

Assigner-MITRE Corporation

View Details

Matching Score-4

Assigner-MITRE Corporation

CVSS Score-8.4||HIGH

EPSS-0.06% / 19.33%

7 Day CHG~0.00%

Published-27 Mar, 2024 | 00:00

Updated-16 Apr, 2025 | 18:55

A stack buffer overflow occurs in libc/posix/ipc/mqueue.c in RT-Thread through 5.0.2.

Vendor-rt-thread n/a rt-thread

Product-rt-thread n/a rt-thread

CWE ID-CWE-121

Stack-based Buffer Overflow

CVE-2024-21474

Matching Score-4

Assigner-Qualcomm, Inc.

View Details

Matching Score-4

Assigner-Qualcomm, Inc.

CVSS Score-8.4||HIGH

EPSS-0.06% / 19.07%

7 Day CHG~0.00%

Published-06 May, 2024 | 14:32

Updated-15 Jan, 2025 | 16:57

Stack-based Buffer Overflow in PMIC

Memory corruption when size of buffer from previous call is used without validation or re-initialization.

CWE ID-CWE-121

Stack-based Buffer Overflow

CWE ID-CWE-787

Out-of-bounds Write

CVE-2023-43549

Matching Score-4

Assigner-Qualcomm, Inc.

View Details

Matching Score-4

Assigner-Qualcomm, Inc.

CVSS Score-8.4||HIGH

EPSS-0.12% / 32.29%

7 Day CHG~0.00%

Published-04 Mar, 2024 | 10:48

Updated-10 Jan, 2025 | 20:07

Stack-based Buffer Overflow in WLAN HAL

Memory corruption while processing TPC target power table in FTM TPC.

Vendor-Qualcomm Technologies, Inc.

CWE ID-CWE-121

Stack-based Buffer Overflow

CWE ID-CWE-787

Out-of-bounds Write

CVE-2023-28538

Matching Score-4

Assigner-Qualcomm, Inc.

View Details

Matching Score-4

Assigner-Qualcomm, Inc.

CVSS Score-8.4||HIGH

EPSS-0.03% / 6.78%

7 Day CHG~0.00%

Published-05 Sep, 2023 | 06:24

Updated-27 Feb, 2025 | 21:02

Stack-based Buffer Overflow in WIN Product

Memory corruption in WIN Product while invoking WinAcpi update driver in the UEFI region.

Vendor-Qualcomm Technologies, Inc.

Product-snapdragon_850_mobile_compute_platform_firmware sa6150p_firmware sm6250p_firmware qcs610 qca6431_firmware wcn3950_firmware sc8180x\+sdx55 sa8150p_firmware qcs2290 qca6595au_firmware sa6155 qca6335 csra6620_firmware sd_675_firmware csra6640_firmware qcs6125_firmware wcd9371_firmware sd_8cx_gen2_firmware sm4125 sd720g wcn3950 sd_8_gen1_5g_firmware sd710_firmware sd460_firmware qualcomm_robotics_rb3_platform_firmware qca6574au_firmware wcd9375_firmware sa6155_firmware qca6420 snapdragon_xr2\+_gen_1_platform sd680_firmware sd_8cx_gen2 qrb5165m_firmware sa4155p_firmware qcs6125 sa8155_firmware sd662_firmware qca6430 wcd9340 sd765g sw5100 fsm10056_firmware qca6436 sd680 sa6155p wcd9341 qca6431 qca6696_firmware wcd9371 sd750g sd870_firmware wcn3910_firmware sd_8cx sa8150p wsa8830_firmware sd855_firmware sd865_5g_firmware snapdragon_4_gen_1 sd712 wcn3988 sa8195p_firmware fastconnect_6800_firmware qcn7606_firmware wcd9380_firmware ssg2125p sw5100p snapdragon_w5\+_gen_1_wearable_platform qca6564au sd670_firmware qca6574 wcd9380 qcs410 sd690_5g_firmware sxr1230p qca6430_firmware qcn9012_firmware wcd9335_firmware wcn3980 qca6335_firmware qcm4325_firmware wcd9340_firmware wsa8815 sd7c wcn3910 qca6426_firmware sd695 wcn3980_firmware sd730 snapdragon_xr2\+_gen_1_platform_firmware snapdragon_x50_5g_modem-rf_system_firmware qca6421_firmware smart_audio_200_platform snapdragon_xr2_5g_platform sd678_firmware fastconnect_6900 fastconnect_6900_firmware sd670 smart_audio_200_platform_firmware qca6564a_firmware qualcomm_robotics_rb5_platform_firmware qcm4290_firmware sd480 sd870 wsa8832 sw5100p_firmware qcs610_firmware qsm8250 sa6145p sd695_firmware qca6595_firmware sa8145p qca6391_firmware sa4150p_firmware wcd9370_firmware sdx55 sa8155p csra6640 sd675 ssg2115p_firmware qcs8155_firmware sa4155p qcm2290 qsm8250_firmware qcn7606 wsa8830 sd678 sa8145p_firmware sxr2230p_firmware snapdragon_850_mobile_compute_platform qcs2290_firmware fsm10056 sd7c_firmware snapdragon_4_gen_1_firmware flight_rb5_5g_platform csra6620 flight_rb5_5g_platform_firmware qcs4290 sd765g_firmware qca6420_firmware sd690_5g sd730_firmware wcd9370 sd675_firmware ssg2115p qca6564 qca6426 wcn3990_firmware qrb5165n_firmware qualcomm_robotics_rb3_platform sd_8cx_firmware wcd9385_firmware wcd9326_firmware fastconnect_6200 sd662 qcn9011_firmware sa8155 snapdragon_x55_5g_modem-rf_system sdx55_firmware qca6595au sm7250p_firmware qca6436_firmware qrb5165n snapdragon_w5\+_gen_1_wearable_platform_firmware qca6564au_firmware sa6155p_firmware qca6310 qcs8155 vision_intelligence_300_platform_firmware wcn3988_firmware sa6145p_firmware qca6421 sd712_firmware sm6250 sa8195p sxr1120 wsa8810_firmware vision_intelligence_400_platform sd765_firmware snapdragon_ar2_gen_1_platform_firmware wcd9326 sg4150p wcd9335 qca6174a_firmware qcs4290_firmware wcd9385 sxr2130_firmware wcd9375 sd750g_firmware aqt1000 sc8180x\+sdx55_firmware sm6250_firmware vision_intelligence_400_platform_firmware wsa8815_firmware wsa8835_firmware sxr1120_firmware qca6564a sa4150p sg4150p_firmware qcm6125_firmware qcm4325 qcm2290_firmware wcn3990 sd_675 sd865_5g fastconnect_6800 qca6595 qcn9012 wsa8835 sxr1230p_firmware sd665_firmware sd_8_gen1_5g sm6250p ssg2125p_firmware sxr2130 qca6574a qca6174a qca6310_firmware qca6574_firmware sd855 sm4125_firmware sd665 sxr2230p snapdragon_xr2_5g_platform_firmware sd765 qca6574a_firmware fastconnect_6200_firmware sd768g_firmware qrb5165m vision_intelligence_300_platform snapdragon_x55_5g_modem-rf_system_firmware sd460 qca6391 fastconnect_7800 aqt1000_firmware qcm4290 wsa8832_firmware snapdragon_xr1_platform sd480_firmware qcn9011 qca6574au sa8155p_firmware sd710 wcd9341_firmware fastconnect_7800_firmware qcm6125 wsa8810 snapdragon_ar2_gen_1_platform qca6564_firmware sd768g qca6696 sd845_firmware sa6150p snapdragon_x50_5g_modem-rf_system sd845 qualcomm_robotics_rb5_platform sm7250p sd720g_firmware sw5100_firmware qcs410_firmware snapdragon_xr1_platform_firmware Snapdragon

CWE ID-CWE-121

Stack-based Buffer Overflow

CWE ID-CWE-787

Out-of-bounds Write

CVE-2023-21632

Matching Score-4

Assigner-Qualcomm, Inc.

View Details

Matching Score-4

Assigner-Qualcomm, Inc.

CVSS Score-8.4||HIGH

EPSS-0.05% / 16.48%

7 Day CHG~0.00%

Published-06 Jun, 2023 | 07:39

Updated-02 Aug, 2024 | 09:44

Stack-based Buffer Overflow in Automotive GPU

Memory corruption in Automotive GPU while querying a gsl memory node.

CWE ID-CWE-121

Stack-based Buffer Overflow

CWE ID-CWE-787

Out-of-bounds Write

CVE-2024-28566

Matching Score-4

Assigner-MITRE Corporation

View Details

Matching Score-4

Assigner-MITRE Corporation

CVSS Score-8.4||HIGH

EPSS-0.06% / 17.28%

7 Day CHG~0.00%

Published-20 Mar, 2024 | 00:00

Updated-28 Mar, 2025 | 14:51

Buffer Overflow vulnerability in open source FreeImage v.3.19.0 [r1909] allows a local attacker to execute arbitrary code via the AssignPixel() function when reading images in TIFF format.

Vendor-freeimage_project n/a freeimage_project

Product-freeimage n/a freeimage

CWE ID-CWE-121

Stack-based Buffer Overflow

CVE-2024-28581

Matching Score-4

Assigner-MITRE Corporation

View Details

Matching Score-4

Assigner-MITRE Corporation

CVSS Score-8.4||HIGH

EPSS-0.05% / 16.60%

7 Day CHG~0.00%

Published-20 Mar, 2024 | 00:00

Updated-28 Mar, 2025 | 14:48

Buffer Overflow vulnerability in open source FreeImage v.3.19.0 [r1909] allows a local attacker to execute arbitrary code via the _assignPixel<>() function when reading images in TARGA format.

Vendor-freeimage_project n/a freeimage_project

Product-freeimage n/a freeimage

CWE ID-CWE-121

Stack-based Buffer Overflow

CVE-2022-40516

Matching Score-4

Assigner-Qualcomm, Inc.

View Details

Matching Score-4

Assigner-Qualcomm, Inc.

CVSS Score-8.4||HIGH

EPSS-4.31% / 88.43%