ByteOS Network

Vulnerability Details :

CVE-2023-48906

Assigner-mitre

Assigner Org ID-8254265b-2729-46b6-b9e3-3dfca2d5bfca

Published At-01 Apr, 2024 | 00:00

Updated At-28 Mar, 2025 | 19:27

Stack Overflow vulnerability in Btstack 1.6 and earlier allows attackers to cause a denial of service via crafted input to the char_for_nibble function.

EPSS History

Score

Latest Score

N/A

Percentile

Latest Percentile

N/A

▼Common Vulnerabilities and Exposures (CVE)

cve.org

Assigner:mitre

Assigner Org ID:8254265b-2729-46b6-b9e3-3dfca2d5bfca

Published At:01 Apr, 2024 | 00:00

Updated At:28 Mar, 2025 | 19:27

▼CVE Numbering Authority (CNA)

Stack Overflow vulnerability in Btstack 1.6 and earlier allows attackers to cause a denial of service via crafted input to the char_for_nibble function.

Affected Products

Vendor

n/a

Product

n/a

Versions

Affected

Problem Types

Type	CWE ID	Description
text	N/A	n/a

Type: text

CWE ID: N/A

Description: n/a

References

Hyperlink	Resource
https://www.cnblogs.com/focu5/p/18070469	N/A

Hyperlink: https://www.cnblogs.com/focu5/p/18070469

Resource: N/A

▼Authorized Data Publishers (ADP)

1. CISA ADP Vulnrichment

Problem Types

Type	CWE ID	Description
CWE	CWE-121	CWE-121 Stack-based Buffer Overflow

Type: CWE

CWE ID: CWE-121

Description: CWE-121 Stack-based Buffer Overflow

Metrics

Version	Base score	Base severity	Vector
3.1	4.3	MEDIUM	CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L

Version: 3.1

Base score: 4.3

Base severity: MEDIUM

Vector:

CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L

Metrics Other Info

2. CVE Program Container

References

Hyperlink	Resource
https://www.cnblogs.com/focu5/p/18070469	x_transferred

Hyperlink: https://www.cnblogs.com/focu5/p/18070469

Resource:

x_transferred

▼National Vulnerability Database (NVD)

nvd.nist.gov

Source:cve@mitre.org

Published At:01 Apr, 2024 | 20:15

Updated At:28 Mar, 2025 | 20:15

Stack Overflow vulnerability in Btstack 1.6 and earlier allows attackers to cause a denial of service via crafted input to the char_for_nibble function.

Date Added	Due Date	Vulnerability Name	Required Action
	N/A

Metrics

Type	Version	Base score	Base severity	Vector
Secondary	3.1	4.3	MEDIUM	CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L

Type: Secondary

Version: 3.1

Base score: 4.3

Base severity: MEDIUM

Vector:

CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L

Weaknesses

CWE ID	Type	Source
CWE-121	Secondary	134c704f-9b21-4f2e-91b3-4a467353bcc0

CWE ID: CWE-121

Type: Secondary

Source: 134c704f-9b21-4f2e-91b3-4a467353bcc0

References

Hyperlink	Source	Resource
https://www.cnblogs.com/focu5/p/18070469	cve@mitre.org	N/A
https://www.cnblogs.com/focu5/p/18070469	af854a3a-2127-422b-91ae-364da2661108	N/A

Hyperlink: https://www.cnblogs.com/focu5/p/18070469

Source: cve@mitre.org

Resource: N/A

Hyperlink: https://www.cnblogs.com/focu5/p/18070469

Source: af854a3a-2127-422b-91ae-364da2661108

Resource: N/A

Similar CVEs

3Records found

CVE-2023-40465

Matching Score-4

Assigner-Sierra Wireless Inc.

View Details

Matching Score-4

Assigner-Sierra Wireless Inc.

CVSS Score-8.3||HIGH

EPSS-0.00% / 0.04%

7 Day CHG~0.00%

Published-04 Dec, 2023 | 23:02

Updated-02 Aug, 2024 | 18:31

Improper input leads to DoS

Several versions of ALEOS, including ALEOS 4.16.0, include an opensource third-party component which can be exploited from the local area network, resulting in a Denial of Service condition for the captive portal.

Vendor-sierrawireless SierraWireless

Product-es450 lx40 aleos lx60 rv55 rv50x gx450 mp70 ALEOS

CWE ID-CWE-122

Heap-based Buffer Overflow

CWE ID-CWE-121

Stack-based Buffer Overflow

CWE ID-CWE-787

Out-of-bounds Write

CVE-2024-41462

Matching Score-4

Assigner-MITRE Corporation

View Details

Matching Score-4

Assigner-MITRE Corporation

CVSS Score-4.3||MEDIUM

EPSS-0.21% / 43.81%

7 Day CHG~0.00%

Published-24 Jul, 2024 | 00:00

Updated-02 Aug, 2024 | 04:46

Tenda FH1201 v1.2.0.14 was discovered to contain a stack-based buffer overflow vulnerability via the page parameter at ip/goform/DhcpListClient.

Vendor-n/a Tenda Technology Co., Ltd.

Product-fh1201_firmware fh1201 n/a fh1201_firmware

CWE ID-CWE-121

Stack-based Buffer Overflow

CWE ID-CWE-787

Out-of-bounds Write

CVE-2025-1758

Matching Score-4

Assigner-Progress Software Corporation

View Details

Matching Score-4

Assigner-Progress Software Corporation

CVSS Score-4.3||MEDIUM

EPSS-0.03% / 6.53%

7 Day CHG~0.00%

Published-19 Mar, 2025 | 15:28

Updated-31 Jul, 2025 | 18:49

Improper Input Validation vulnerability in Progress LoadMaster allows : Buffer OverflowThis issue affects: * LoadMaster: 7.2.40.0 and above * ECS: All versions * Multi-Tenancy: 7.1.35.4 and above

Vendor-Progress Software Corporation

Product-multi-tenant_loadmaster loadmaster LoadMaster

CWE ID-CWE-121

Stack-based Buffer Overflow

CVE-2023-48906

Credits

Vendors

Products

Metrics (CVSS)

Weaknesses

Attack Patterns

Solution/Workaround

References

EPSS History

Score

Latest Score

N/A

Percentile

Latest Percentile

N/A

Stakeholder-Specific Vulnerability Categorization (SSVC)

Affected Products

Affected

Problem Types

Metrics

Metrics Other Info

Impacts

Solutions

Configurations

Workarounds

Exploits

Credits

Timeline

Replaced By

Rejected Reason

References

Affected Products

Problem Types

Metrics

Metrics Other Info

Impacts

Solutions

Configurations

Workarounds

Exploits

Credits

Timeline

Replaced By

Rejected Reason

References

Affected Products

Metrics

Metrics Other Info

Impacts

Solutions

Configurations

Workarounds

Exploits

Credits

Timeline

Replaced By

Rejected Reason

References

CISA Catalog

Metrics

CPE Matches

Weaknesses

Evaluator Description

Evaluator Impact

Evaluator Solution

Vendor Statements

References

Change History

Similar CVEs