Logo
-

Byte Open Security

(ByteOS Network)

Log In

Sign Up

ByteOS

Security
Vulnerability Details
Registries
Custom Views
Weaknesses
Attack Patterns
Filters & Tools
Vulnerability Details :

CVE-2023-50244

Summary
Assigner-talos
Assigner Org ID-b86d76f8-0f8a-4a96-a78d-d8abfc7fc29b
Published At-08 Jul, 2024 | 15:22
Updated At-02 Aug, 2024 | 22:09
Rejected At-
Credits

Two stack-based buffer overflow vulnerabilities exist in the boa formIpQoS functionality of Realtek rtl819x Jungle SDK v3.4.11. A specially crafted series of HTTP requests can lead to remote code execution. An attacker can send a series of HTTP requests to trigger these vulnerabilities.This stack-based buffer overflow is related to the `entry_name` request's parameter.

Vendors
-
Not available
Products
-
Metrics (CVSS)
VersionBase scoreBase severityVector
Weaknesses
Attack Patterns
Solution/Workaround
References
HyperlinkResource Type
EPSS History
Score
Latest Score
-
N/A
No data available for selected date range
Percentile
Latest Percentile
-
N/A
No data available for selected date range
Stakeholder-Specific Vulnerability Categorization (SSVC)
▼Common Vulnerabilities and Exposures (CVE)
cve.org
Assigner:talos
Assigner Org ID:b86d76f8-0f8a-4a96-a78d-d8abfc7fc29b
Published At:08 Jul, 2024 | 15:22
Updated At:02 Aug, 2024 | 22:09
Rejected At:
▼CVE Numbering Authority (CNA)

Two stack-based buffer overflow vulnerabilities exist in the boa formIpQoS functionality of Realtek rtl819x Jungle SDK v3.4.11. A specially crafted series of HTTP requests can lead to remote code execution. An attacker can send a series of HTTP requests to trigger these vulnerabilities.This stack-based buffer overflow is related to the `entry_name` request's parameter.

Affected Products
Vendor
LevelOne
Product
WBR-6013
Versions
Affected
  • RER4_A_v3411b_2T2R_LEV_09_170623
Vendor
Realtek Semiconductor Corp.Realtek
Product
rtl819x Jungle SDK
Versions
Affected
  • v3.4.11
Problem Types
TypeCWE IDDescription
CWECWE-121CWE-121: Stack-based Buffer Overflow
Type: CWE
CWE ID: CWE-121
Description: CWE-121: Stack-based Buffer Overflow
Metrics
VersionBase scoreBase severityVector
3.17.2HIGH
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
Version: 3.1
Base score: 7.2
Base severity: HIGH
Vector:
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Discovered by Francesco Benvenuto of Cisco Talos.
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
https://talosintelligence.com/vulnerability_reports/TALOS-2023-1895
N/A
Hyperlink: https://talosintelligence.com/vulnerability_reports/TALOS-2023-1895
Resource: N/A
▼Authorized Data Publishers (ADP)
1. CISA ADP Vulnrichment
Affected Products
Vendor
Realtek Semiconductor Corp.realtek
Product
rtl819x_software_development_kit
CPEs
  • cpe:2.3:a:realtek:rtl819x_software_development_kit:3.4.11:*:*:*:*:*:*:*
Default Status
unknown
Versions
Affected
  • 3.4.11
Vendor
level_one
Product
wbr6013
CPEs
  • cpe:2.3:a:level_one:wbr6013:rer4_a_v3411b_2t2r_lev_09_170623:*:*:*:*:*:*:*
Default Status
unknown
Versions
Affected
  • rer4_a_v3411b_2t2r_lev_09_170623
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
2. CVE Program Container
Affected Products
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
https://talosintelligence.com/vulnerability_reports/TALOS-2023-1895
x_transferred
Hyperlink: https://talosintelligence.com/vulnerability_reports/TALOS-2023-1895
Resource:
x_transferred
Information is not available yet
▼National Vulnerability Database (NVD)
nvd.nist.gov
Source:talos-cna@cisco.com
Published At:08 Jul, 2024 | 16:15
Updated At:08 Jul, 2024 | 16:35

Two stack-based buffer overflow vulnerabilities exist in the boa formIpQoS functionality of Realtek rtl819x Jungle SDK v3.4.11. A specially crafted series of HTTP requests can lead to remote code execution. An attacker can send a series of HTTP requests to trigger these vulnerabilities.This stack-based buffer overflow is related to the `entry_name` request's parameter.

CISA Catalog
Date AddedDue DateVulnerability NameRequired Action
N/A
Date Added: N/A
Due Date: N/A
Vulnerability Name: N/A
Required Action: N/A
Metrics
TypeVersionBase scoreBase severityVector
Primary3.17.2HIGH
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
Type: Primary
Version: 3.1
Base score: 7.2
Base severity: HIGH
Vector:
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
CPE Matches
Weaknesses
CWE IDTypeSource
CWE-121Primarytalos-cna@cisco.com
CWE ID: CWE-121
Type: Primary
Source: talos-cna@cisco.com
Evaluator Description
Evaluator Impact

Evaluator Solution

Vendor Statements
References
HyperlinkSourceResource
https://talosintelligence.com/vulnerability_reports/TALOS-2023-1895talos-cna@cisco.com
N/A
Hyperlink: https://talosintelligence.com/vulnerability_reports/TALOS-2023-1895
Source: talos-cna@cisco.com
Resource: N/A

Change History

0
Information is not available yet

Similar CVEs

243Records found
CVE-2023-50330
Matching Score-10
Assigner-Talos
ShareView Details
Matching Score-10
Assigner-Talos
CVSS Score-7.2||HIGH
EPSS-4.14% / 88.19%
||
7 Day CHG~0.00%
Published-08 Jul, 2024 | 15:22
Updated-02 Aug, 2024 | 22:16
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A stack-based buffer overflow vulnerability exists in the boa getInfo functionality of Realtek rtl819x Jungle SDK v3.4.11. A specially crafted series of HTTP requests can lead to remote code execution. An attacker can send a series of HTTP requests to trigger this vulnerability.

Action-Not Available
Vendor-LevelOneleveloneRealtek Semiconductor Corp.
Product-WBR-6013rtl819x Jungle SDKrtl819x_software_development_kitwbr-6013
CWE ID-CWE-121
Stack-based Buffer Overflow
CVE-2023-50240
Matching Score-10
Assigner-Talos
ShareView Details
Matching Score-10
Assigner-Talos
CVSS Score-7.2||HIGH
EPSS-5.34% / 89.67%
||
7 Day CHG~0.00%
Published-08 Jul, 2024 | 15:22
Updated-02 Aug, 2024 | 22:09
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Two stack-based buffer overflow vulnerabilities exist in the boa set_RadvdInterfaceParam functionality of Realtek rtl819x Jungle SDK v3.4.11. A specially crafted series of network requests can lead to remote code execution. An attacker can send a sequence of requests to trigger these vulnerabilities.This stack-based buffer overflow is related to the `AdvDefaultPreference` request's parameter.

Action-Not Available
Vendor-LevelOnelevel_oneRealtek Semiconductor Corp.
Product-WBR-6013rtl819x Jungle SDKrtl819x_software_development_kitwbr6013
CWE ID-CWE-121
Stack-based Buffer Overflow
CVE-2023-50243
Matching Score-10
Assigner-Talos
ShareView Details
Matching Score-10
Assigner-Talos
CVSS Score-7.2||HIGH
EPSS-5.34% / 89.67%
||
7 Day CHG~0.00%
Published-08 Jul, 2024 | 15:22
Updated-02 Aug, 2024 | 22:09
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Two stack-based buffer overflow vulnerabilities exist in the boa formIpQoS functionality of Realtek rtl819x Jungle SDK v3.4.11. A specially crafted series of HTTP requests can lead to remote code execution. An attacker can send a series of HTTP requests to trigger these vulnerabilities.This stack-based buffer overflow is related to the `comment` request's parameter.

Action-Not Available
Vendor-LevelOnelevel_oneRealtek Semiconductor Corp.
Product-WBR-6013rtl819x Jungle SDKrtl819x_software_development_kitwbr6013
CWE ID-CWE-121
Stack-based Buffer Overflow
CVE-2023-50239
Matching Score-10
Assigner-Talos
ShareView Details
Matching Score-10
Assigner-Talos
CVSS Score-7.2||HIGH
EPSS-5.34% / 89.67%
||
7 Day CHG~0.00%
Published-08 Jul, 2024 | 15:22
Updated-02 Aug, 2024 | 22:09
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Two stack-based buffer overflow vulnerabilities exist in the boa set_RadvdInterfaceParam functionality of Realtek rtl819x Jungle SDK v3.4.11. A specially crafted series of network requests can lead to remote code execution. An attacker can send a sequence of requests to trigger these vulnerabilities.This stack-based buffer overflow is related to the `interfacename` request's parameter.

Action-Not Available
Vendor-level1LevelOnelevel_oneRealtek Semiconductor Corp.
Product-wbr-6013_firmwarewbr-6013rtl819x_jungle_software_development_kitWBR-6013rtl819x Jungle SDKrtl819x_software_development_kitwbr6013
CWE ID-CWE-121
Stack-based Buffer Overflow
CWE ID-CWE-787
Out-of-bounds Write
CVE-2023-49595
Matching Score-10
Assigner-Talos
ShareView Details
Matching Score-10
Assigner-Talos
CVSS Score-7.2||HIGH
EPSS-0.29% / 51.71%
||
7 Day CHG~0.00%
Published-08 Jul, 2024 | 15:22
Updated-02 Aug, 2024 | 22:01
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A stack-based buffer overflow vulnerability exists in the boa rollback_control_code functionality of Realtek rtl819x Jungle SDK v3.4.11. A specially crafted series of network requests can lead to arbitrary code execution. An attacker can send a sequence of requests to trigger this vulnerability.

Action-Not Available
Vendor-level1LevelOnelevel_oneRealtek Semiconductor Corp.
Product-wbr-6013_firmwarewbr-6013rtl819x_jungle_software_development_kitWBR-6013rtl819x Jungle SDKrtl819x_software_development_kitwbr6013
CWE ID-CWE-121
Stack-based Buffer Overflow
CWE ID-CWE-787
Out-of-bounds Write
CVE-2023-49073
Matching Score-10
Assigner-Talos
ShareView Details
Matching Score-10
Assigner-Talos
CVSS Score-7.2||HIGH
EPSS-0.29% / 51.71%
||
7 Day CHG~0.00%
Published-08 Jul, 2024 | 15:22
Updated-02 Aug, 2024 | 21:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A stack-based buffer overflow vulnerability exists in the boa formFilter functionality of Realtek rtl819x Jungle SDK v3.4.11. A specially crafted series of HTTP requests can lead to arbitrary code execution. An attacker can send a sequence of requests to trigger this vulnerability.

Action-Not Available
Vendor-LevelOnelevel_oneRealtek Semiconductor Corp.
Product-WBR-6013rtl819x Jungle SDKrtl819x_software_development_kitwbr6013
CWE ID-CWE-121
Stack-based Buffer Overflow
CVE-2023-49867
Matching Score-10
Assigner-Talos
ShareView Details
Matching Score-10
Assigner-Talos
CVSS Score-7.2||HIGH
EPSS-4.14% / 88.19%
||
7 Day CHG~0.00%
Published-08 Jul, 2024 | 15:22
Updated-02 Aug, 2024 | 22:01
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A stack-based buffer overflow vulnerability exists in the boa formWsc functionality of Realtek rtl819x Jungle SDK v3.4.11. A specially crafted series of HTTP requests can lead to remote code execution. An attacker can send a series of HTTP requests to trigger this vulnerability.

Action-Not Available
Vendor-level1LevelOnelevel_oneRealtek Semiconductor Corp.
Product-wbr-6013_firmwarewbr-6013rtl819x_jungle_software_development_kitWBR-6013rtl819x Jungle SDKrtl819x_software_development_kitwbr6013
CWE ID-CWE-121
Stack-based Buffer Overflow
CWE ID-CWE-787
Out-of-bounds Write
CVE-2023-48270
Matching Score-10
Assigner-Talos
ShareView Details
Matching Score-10
Assigner-Talos
CVSS Score-7.2||HIGH
EPSS-0.29% / 51.71%
||
7 Day CHG~0.00%
Published-08 Jul, 2024 | 15:22
Updated-02 Aug, 2024 | 21:23
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A stack-based buffer overflow vulnerability exists in the boa formDnsv6 functionality of Realtek rtl819x Jungle SDK v3.4.11. A specially crafted series of network requests can lead to arbitrary code execution. An attacker can send a sequence of requests to trigger this vulnerability.

Action-Not Available
Vendor-LevelOnelevel_oneRealtek Semiconductor Corp.
Product-WBR-6013rtl819x Jungle SDKrtl819x_software_development_kitwbr6013
CWE ID-CWE-121
Stack-based Buffer Overflow
CVE-2023-47856
Matching Score-10
Assigner-Talos
ShareView Details
Matching Score-10
Assigner-Talos
CVSS Score-7.2||HIGH
EPSS-4.14% / 88.19%
||
7 Day CHG~0.00%
Published-08 Jul, 2024 | 15:22
Updated-02 Aug, 2024 | 21:16
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A stack-based buffer overflow vulnerability exists in the boa set_RadvdPrefixParam functionality of Realtek rtl819x Jungle SDK v3.4.11. A specially crafted series of network requests can lead to remote code execution. An attacker can send a sequence of requests to trigger this vulnerability.

Action-Not Available
Vendor-LevelOnelevel_oneRealtek Semiconductor Corp.
Product-WBR-6013rtl819x Jungle SDKrtl819x_software_development_kitwbr6013
CWE ID-CWE-121
Stack-based Buffer Overflow
CVE-2023-45215
Matching Score-10
Assigner-Talos
ShareView Details
Matching Score-10
Assigner-Talos
CVSS Score-7.2||HIGH
EPSS-0.15% / 36.85%
||
7 Day CHG~0.00%
Published-08 Jul, 2024 | 15:22
Updated-02 Aug, 2024 | 20:14
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A stack-based buffer overflow vulnerability exists in the boa setRepeaterSsid functionality of Realtek rtl819x Jungle SDK v3.4.11. A specially crafted series of network requests can lead to arbitrary code execution. An attacker can send a sequence of requests to trigger this vulnerability.

Action-Not Available
Vendor-LevelOnelevel_oneRealtek Semiconductor Corp.
Product-WBR-6013rtl819x Jungle SDKrtl819x_software_development_kitwbr6013
CWE ID-CWE-121
Stack-based Buffer Overflow
CVE-2023-41251
Matching Score-10
Assigner-Talos
ShareView Details
Matching Score-10
Assigner-Talos
CVSS Score-7.2||HIGH
EPSS-3.27% / 86.65%
||
7 Day CHG~0.00%
Published-08 Jul, 2024 | 15:22
Updated-02 Aug, 2024 | 18:54
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A stack-based buffer overflow vulnerability exists in the boa formRoute functionality of Realtek rtl819x Jungle SDK v3.4.11. A specially crafted series of HTTP requests can lead to remote code execution. An attacker can send an HTTP request to trigger this vulnerability.

Action-Not Available
Vendor-LevelOnelevel_oneRealtek Semiconductor Corp.
Product-WBR-6013rtl819x Jungle SDKrtl819x_software_development_kitwbr6013
CWE ID-CWE-121
Stack-based Buffer Overflow
CVE-2024-21778
Matching Score-8
Assigner-Talos
ShareView Details
Matching Score-8
Assigner-Talos
CVSS Score-7.2||HIGH
EPSS-0.29% / 51.71%
||
7 Day CHG~0.00%
Published-08 Jul, 2024 | 15:25
Updated-01 Aug, 2024 | 22:27
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A heap-based buffer overflow vulnerability exists in the configuration file mib_init_value_array functionality of Realtek rtl819x Jungle SDK v3.4.11. A specially crafted .dat file can lead to arbitrary code execution. An attacker can upload a malicious file to trigger this vulnerability.

Action-Not Available
Vendor-LevelOneleveloneRealtek Semiconductor Corp.
Product-WBR-6013rtl819x Jungle SDKrtl819x_software_development_kitwbr-6013
CWE ID-CWE-122
Heap-based Buffer Overflow
CVE-2023-50383
Matching Score-8
Assigner-Talos
ShareView Details
Matching Score-8
Assigner-Talos
CVSS Score-7.2||HIGH
EPSS-0.30% / 53.16%
||
7 Day CHG~0.00%
Published-08 Jul, 2024 | 15:22
Updated-02 Aug, 2024 | 22:16
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Three os command injection vulnerabilities exist in the boa formWsc functionality of Realtek rtl819x Jungle SDK v3.4.11. A specially crafted series of HTTP requests can lead to arbitrary command execution. An attacker can send a series of HTTP requests to trigger these vulnerabilities.This command injection is related to the `localPin` request's parameter.

Action-Not Available
Vendor-LevelOnelevel_oneRealtek Semiconductor Corp.
Product-WBR-6013rtl819x Jungle SDKrtl819x_software_development_kitwbr6013
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2023-50382
Matching Score-8
Assigner-Talos
ShareView Details
Matching Score-8
Assigner-Talos
CVSS Score-7.2||HIGH
EPSS-0.30% / 53.16%
||
7 Day CHG~0.00%
Published-08 Jul, 2024 | 15:22
Updated-02 Aug, 2024 | 22:16
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Three os command injection vulnerabilities exist in the boa formWsc functionality of Realtek rtl819x Jungle SDK v3.4.11. A specially crafted series of HTTP requests can lead to arbitrary command execution. An attacker can send a series of HTTP requests to trigger these vulnerabilities.This command injection is related to the `peerPin` request's parameter.

Action-Not Available
Vendor-LevelOneleveloneRealtek Semiconductor Corp.
Product-WBR-6013rtl819x Jungle SDKrtl819x_software_development_kitwbr-6013
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2023-49593
Matching Score-8
Assigner-Talos
ShareView Details
Matching Score-8
Assigner-Talos
CVSS Score-7.2||HIGH
EPSS-0.17% / 38.59%
||
7 Day CHG~0.00%
Published-08 Jul, 2024 | 15:22
Updated-02 Aug, 2024 | 22:01
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Leftover debug code exists in the boa formSysCmd functionality of LevelOne WBR-6013 RER4_A_v3411b_2T2R_LEV_09_170623. A specially crafted network request can lead to arbitrary command execution.

Action-Not Available
Vendor-level1LevelOnelevel_one
Product-wbr-6013_firmwarewbr-6013WBR-6013wbr6013
CWE ID-CWE-489
Active Debug Code
CVE-2023-45742
Matching Score-8
Assigner-Talos
ShareView Details
Matching Score-8
Assigner-Talos
CVSS Score-7.2||HIGH
EPSS-0.15% / 35.91%
||
7 Day CHG~0.00%
Published-08 Jul, 2024 | 15:22
Updated-02 Aug, 2024 | 20:29
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An integer overflow vulnerability exists in the boa updateConfigIntoFlash functionality of Realtek rtl819x Jungle SDK v3.4.11. A specially crafted series of HTTP requests can lead to arbitrary code execution. An attacker can send a sequence of requests to trigger this vulnerability.

Action-Not Available
Vendor-LevelOnelevel_oneRealtek Semiconductor Corp.
Product-WBR-6013rtl819x Jungle SDKrtl819x_software_development_kitwbr6013
CWE ID-CWE-190
Integer Overflow or Wraparound
CVE-2022-40740
Matching Score-8
Assigner-TWCERT/CC
ShareView Details
Matching Score-8
Assigner-TWCERT/CC
CVSS Score-7.2||HIGH
EPSS-0.34% / 55.76%
||
7 Day CHG~0.00%
Published-03 Jan, 2023 | 00:00
Updated-10 Apr, 2025 | 18:01
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Realtek GPON router - Command Injection

Realtek GPON router has insufficient filtering for special characters. A remote attacker authenticated as an administrator can exploit this vulnerability to perform command injection attacks, to execute arbitrary system command, manipulate system or disrupt service.

Action-Not Available
Vendor-Realtek Semiconductor Corp.
Product-xpon_software_development_kitusdkGPON router
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2023-50381
Matching Score-8
Assigner-Talos
ShareView Details
Matching Score-8
Assigner-Talos
CVSS Score-7.2||HIGH
EPSS-0.39% / 58.91%
||
7 Day CHG~0.00%
Published-08 Jul, 2024 | 15:22
Updated-02 Aug, 2024 | 22:16
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Three os command injection vulnerabilities exist in the boa formWsc functionality of Realtek rtl819x Jungle SDK v3.4.11. A specially crafted series of HTTP requests can lead to arbitrary command execution. An attacker can send a series of HTTP requests to trigger these vulnerabilities.This command injection is related to the `targetAPSsid` request's parameter.

Action-Not Available
Vendor-LevelOnelevel_oneRealtek Semiconductor Corp.
Product-WBR-6013rtl819x Jungle SDKrtl819x_software_development_kitwbr6013
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2023-34435
Matching Score-8
Assigner-Talos
ShareView Details
Matching Score-8
Assigner-Talos
CVSS Score-7.2||HIGH
EPSS-0.06% / 19.42%
||
7 Day CHG~0.00%
Published-08 Jul, 2024 | 15:25
Updated-02 Aug, 2024 | 16:10
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A firmware update vulnerability exists in the boa formUpload functionality of Realtek rtl819x Jungle SDK v3.4.11. A specially crafted network packets can lead to arbitrary firmware update. An attacker can provide a malicious file to trigger this vulnerability.

Action-Not Available
Vendor-LevelOnelevel_oneRealtek Semiconductor Corp.
Product-WBR-6013rtl819x Jungle SDKrtl819x_software_development_kitwbr6013
CWE ID-CWE-347
Improper Verification of Cryptographic Signature
CVE-2020-25854
Matching Score-6
Assigner-JFrog
ShareView Details
Matching Score-6
Assigner-JFrog
CVSS Score-8.1||HIGH
EPSS-1.10% / 77.09%
||
7 Day CHG~0.00%
Published-03 Feb, 2021 | 16:49
Updated-04 Aug, 2024 | 15:49
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The function DecWPA2KeyData() in the Realtek RTL8195A Wi-Fi Module prior to versions released in April 2020 (up to and excluding 2.08) does not validate the size parameter for an internal function, rt_arc4_crypt_veneer() or _AES_UnWRAP_veneer(), resulting in a stack buffer overflow which can be exploited for remote code execution or denial of service. An attacker can impersonate an Access Point and attack a vulnerable Wi-Fi client, by injecting a crafted packet into the WPA2 handshake. The attacker needs to know the network's PSK in order to exploit this.

Action-Not Available
Vendor-n/aRealtek Semiconductor Corp.
Product-rtl8195artl8195a_firmwareRealtek RTL8195A Wi-Fi Module
CWE ID-CWE-121
Stack-based Buffer Overflow
CWE ID-CWE-787
Out-of-bounds Write
CVE-2020-25857
Matching Score-6
Assigner-JFrog
ShareView Details
Matching Score-6
Assigner-JFrog
CVSS Score-7.5||HIGH
EPSS-0.15% / 36.39%
||
7 Day CHG~0.00%
Published-03 Feb, 2021 | 16:48
Updated-04 Aug, 2024 | 15:49
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The function ClientEAPOLKeyRecvd() in the Realtek RTL8195A Wi-Fi Module prior to versions released in April 2020 (up to and excluding 2.08) does not validate the size parameter for an rtl_memcpy() operation, resulting in a stack buffer overflow which can be exploited for denial of service. An attacker can impersonate an Access Point and attack a vulnerable Wi-Fi client, by injecting a crafted packet into the WPA2 handshake. The attacker does not need to know the network's PSK.

Action-Not Available
Vendor-n/aRealtek Semiconductor Corp.
Product-rtl8195artl8195a_firmwareRealtek RTL8195A Wi-Fi Module
CWE ID-CWE-121
Stack-based Buffer Overflow
CWE ID-CWE-787
Out-of-bounds Write
CVE-2020-25855
Matching Score-6
Assigner-JFrog
ShareView Details
Matching Score-6
Assigner-JFrog
CVSS Score-8.1||HIGH
EPSS-1.86% / 82.31%
||
7 Day CHG~0.00%
Published-03 Feb, 2021 | 16:49
Updated-04 Aug, 2024 | 15:49
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The function AES_UnWRAP() in the Realtek RTL8195A Wi-Fi Module prior to versions released in April 2020 (up to and excluding 2.08) does not validate the size parameter for a memcpy() operation, resulting in a stack buffer overflow which can be exploited for remote code execution or denial of service. An attacker can impersonate an Access Point and attack a vulnerable Wi-Fi client, by injecting a crafted packet into the WPA2 handshake. The attacker needs to know the network's PSK in order to exploit this.

Action-Not Available
Vendor-n/aRealtek Semiconductor Corp.
Product-rtl8195artl8195a_firmwareRealtek RTL8195A Wi-Fi Module
CWE ID-CWE-121
Stack-based Buffer Overflow
CWE ID-CWE-787
Out-of-bounds Write
CVE-2020-25856
Matching Score-6
Assigner-JFrog
ShareView Details
Matching Score-6
Assigner-JFrog
CVSS Score-8.1||HIGH
EPSS-1.10% / 77.09%
||
7 Day CHG~0.00%
Published-03 Feb, 2021 | 16:49
Updated-04 Aug, 2024 | 15:49
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The function DecWPA2KeyData() in the Realtek RTL8195A Wi-Fi Module prior to versions released in April 2020 (up to and excluding 2.08) does not validate the size parameter for an rtl_memcpy() operation, resulting in a stack buffer overflow which can be exploited for remote code execution or denial of service. An attacker can impersonate an Access Point and attack a vulnerable Wi-Fi client, by injecting a crafted packet into the WPA2 handshake. The attacker needs to know the network's PSK in order to exploit this.

Action-Not Available
Vendor-n/aRealtek Semiconductor Corp.
Product-rtl8195artl8195a_firmwareRealtek RTL8195A Wi-Fi Module
CWE ID-CWE-121
Stack-based Buffer Overflow
CWE ID-CWE-787
Out-of-bounds Write
CVE-2025-8949
Matching Score-4
Assigner-VulDB
ShareView Details
Matching Score-4
Assigner-VulDB
CVSS Score-8.6||HIGH
EPSS-0.09% / 26.22%
||
7 Day CHG+0.02%
Published-14 Aug, 2025 | 07:02
Updated-18 Aug, 2025 | 14:53
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
D-Link DIR-825 httpd ping_response.cgi get_ping_app_stat stack-based overflow

A vulnerability was identified in D-Link DIR-825 2.10. Affected by this vulnerability is the function get_ping_app_stat of the file ping_response.cgi of the component httpd. The manipulation of the argument ping_ipaddr leads to stack-based buffer overflow. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. This vulnerability only affects products that are no longer supported by the maintainer.

Action-Not Available
Vendor-D-Link Corporation
Product-dir-825_firmwaredir-825DIR-825
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CWE ID-CWE-121
Stack-based Buffer Overflow
CVE-2023-20250
Matching Score-4
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-4
Assigner-Cisco Systems, Inc.
CVSS Score-6.5||MEDIUM
EPSS-0.24% / 47.56%
||
7 Day CHG~0.00%
Published-06 Sep, 2023 | 16:59
Updated-24 Oct, 2024 | 16:49
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability in the web-based management interface of Cisco Small Business RV110W, RV130, RV130W, and RV215W Routers could allow an authenticated, remote attacker to execute arbitrary code on an affected device. This vulnerability is due to improper validation of requests that are sent to the web-based management interface. An attacker could exploit this vulnerability by sending a crafted request to the web-based management interface. A successful exploit could allow the attacker to execute arbitrary code with root privileges on an affected device. To exploit this vulnerability, the attacker must have valid Administrator credentials on the affected device.

Action-Not Available
Vendor-Cisco Systems, Inc.
Product-rv130w_firmwarerv130_firmwarerv110wrv110w_firmwarerv130wrv215wrv130rv215w_firmwareCisco Small Business RV Series Router Firmwaresmall_business_rv_series_router_firmware
CWE ID-CWE-121
Stack-based Buffer Overflow
CWE ID-CWE-787
Out-of-bounds Write
CVE-2025-7602
Matching Score-4
Assigner-VulDB
ShareView Details
Matching Score-4
Assigner-VulDB
CVSS Score-8.6||HIGH
EPSS-0.22% / 44.96%
||
7 Day CHG+0.10%
Published-14 Jul, 2025 | 12:02
Updated-15 Jul, 2025 | 13:14
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
D-Link DI-8100 HTTP Request arp_sys.asp stack-based overflow

A vulnerability was found in D-Link DI-8100 16.07.26A1 and classified as critical. This issue affects some unknown processing of the file /arp_sys.asp of the component HTTP Request Handler. The manipulation leads to stack-based buffer overflow. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used.

Action-Not Available
Vendor-D-Link Corporation
Product-DI-8100
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CWE ID-CWE-121
Stack-based Buffer Overflow
CVE-2021-33549
Matching Score-4
Assigner-CERT@VDE
ShareView Details
Matching Score-4
Assigner-CERT@VDE
CVSS Score-7.2||HIGH
EPSS-89.59% / 99.53%
||
7 Day CHG~0.00%
Published-13 Sep, 2021 | 17:55
Updated-17 Sep, 2024 | 00:00
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
UDP Technology/Geutebrück camera devices: Buffer overflow in action parameter leading to RCE

Multiple camera devices by UDP Technology, Geutebrück and other vendors are vulnerable to a stack-based buffer overflow condition in the action parameter, which may allow an attacker to remotely execute arbitrary code.

Action-Not Available
Vendor-geutebrueckGeutebrück
Product-g-cam_ethc-2249g-cam_ethc-2230_firmwareg-cam_efd-2251_firmwareg-code_eec-2400g-code_een-2010_firmwareg-code_een-2040_firmwareg-cam_ebc-2112_firmwareg-cam_ethc-2230g-code_een-2010g-cam_ewpc-2270_firmwareg-code_een-2040g-cam_ethc-2240_firmwareg-cam_ebc-2112g-cam_ewpc-2275g-cam_ewpc-2271_firmwareg-cam_ewpc-2271g-cam_ethc-2239g-cam_efd-2250g-cam_efd-2251g-cam_ebc-2111g-cam_ebc-2110g-cam_ebc-2111_firmwareg-cam_ethc-2249_firmwareg-cam_ethc-2240g-cam_efd-2250_firmwareg-cam_ethc-2239_firmwareg-cam_ebc-2110_firmwareg-code_eec-2400_firmwareg-cam_ewpc-2270g-cam_efd-2241g-cam_efd-2241_firmwareg-cam_ewpc-2275_firmwareEncoder G-CodeE2 Series
CWE ID-CWE-121
Stack-based Buffer Overflow
CVE-2025-7603
Matching Score-4
Assigner-VulDB
ShareView Details
Matching Score-4
Assigner-VulDB
CVSS Score-8.6||HIGH
EPSS-0.22% / 44.96%
||
7 Day CHG+0.10%
Published-14 Jul, 2025 | 12:14
Updated-15 Jul, 2025 | 13:14
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
D-Link DI-8100 HTTP Request jingx.asp stack-based overflow

A vulnerability was found in D-Link DI-8100 16.07.26A1. It has been classified as critical. Affected is an unknown function of the file /jingx.asp of the component HTTP Request Handler. The manipulation leads to stack-based buffer overflow. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used.

Action-Not Available
Vendor-D-Link Corporation
Product-DI-8100
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CWE ID-CWE-121
Stack-based Buffer Overflow
CVE-2024-12803
Matching Score-4
Assigner-SonicWall, Inc.
ShareView Details
Matching Score-4
Assigner-SonicWall, Inc.
CVSS Score-7.2||HIGH
EPSS-0.36% / 57.22%
||
7 Day CHG~0.00%
Published-09 Jan, 2025 | 07:21
Updated-17 Jan, 2025 | 03:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A post-authentication stack-based buffer overflow vulnerability in SonicOS management allows a remote attacker to crash a firewall and potentially leads to code execution.

Action-Not Available
Vendor-SonicWall Inc.
Product-SonicOS
CWE ID-CWE-121
Stack-based Buffer Overflow
CVE-2023-25090
Matching Score-4
Assigner-Talos
ShareView Details
Matching Score-4
Assigner-Talos
CVSS Score-7.2||HIGH
EPSS-0.10% / 28.15%
||
7 Day CHG~0.00%
Published-06 Jul, 2023 | 14:53
Updated-14 Nov, 2024 | 20:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Multiple buffer overflow vulnerabilities exist in the vtysh_ubus binary of Milesight UR32L v32.3.0.5 due to the use of an unsafe sprintf pattern. A specially crafted HTTP request can lead to arbitrary code execution. An attacker with high privileges can send HTTP requests to trigger these vulnerabilities.This buffer overflow occurs in the handle_interface_acl function with the interface and in_acl variables.

Action-Not Available
Vendor-Milesight
Product-ur32l_firmwareur32lUR32Lur32l
CWE ID-CWE-121
Stack-based Buffer Overflow
CWE ID-CWE-787
Out-of-bounds Write
CVE-2024-0994
Matching Score-4
Assigner-VulDB
ShareView Details
Matching Score-4
Assigner-VulDB
CVSS Score-7.2||HIGH
EPSS-0.10% / 27.29%
||
7 Day CHG~0.00%
Published-29 Jan, 2024 | 01:31
Updated-12 Nov, 2024 | 21:48
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Tenda W6 httpd setcfm formSetCfm stack-based overflow

A vulnerability was found in Tenda W6 1.0.0.9(4122). It has been declared as critical. Affected by this vulnerability is the function formSetCfm of the file /goform/setcfm of the component httpd. The manipulation of the argument funcpara1 leads to stack-based buffer overflow. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-252259. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.

Action-Not Available
Vendor-Tenda Technology Co., Ltd.
Product-w6w6_firmwareW6
CWE ID-CWE-121
Stack-based Buffer Overflow
CWE ID-CWE-787
Out-of-bounds Write
CVE-2024-0990
Matching Score-4
Assigner-VulDB
ShareView Details
Matching Score-4
Assigner-VulDB
CVSS Score-7.2||HIGH
EPSS-0.11% / 30.74%
||
7 Day CHG~0.00%
Published-29 Jan, 2024 | 00:31
Updated-28 Aug, 2024 | 15:29
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Tenda i6 httpd setAutoPing formSetAutoPing stack-based overflow

A vulnerability, which was classified as critical, was found in Tenda i6 1.0.0.9(3857). This affects the function formSetAutoPing of the file /goform/setAutoPing of the component httpd. The manipulation of the argument ping1 leads to stack-based buffer overflow. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-252255. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.

Action-Not Available
Vendor-Tenda Technology Co., Ltd.
Product-i6i6_firmwarei6i6_firmware
CWE ID-CWE-121
Stack-based Buffer Overflow
CWE ID-CWE-787
Out-of-bounds Write
CVE-2024-1004
Matching Score-4
Assigner-VulDB
ShareView Details
Matching Score-4
Assigner-VulDB
CVSS Score-7.2||HIGH
EPSS-0.08% / 24.65%
||
7 Day CHG~0.00%
Published-29 Jan, 2024 | 15:00
Updated-17 Jun, 2025 | 21:29
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Totolink N200RE cstecgi.cgi loginAuth stack-based overflow

A vulnerability, which was classified as critical, was found in Totolink N200RE 9.3.5u.6139_B20201216. This affects the function loginAuth of the file /cgi-bin/cstecgi.cgi. The manipulation of the argument http_host leads to stack-based buffer overflow. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-252273 was assigned to this vulnerability. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.

Action-Not Available
Vendor-TOTOLINK
Product-n200re_firmwaren200reN200RE
CWE ID-CWE-121
Stack-based Buffer Overflow
CVE-2024-0998
Matching Score-4
Assigner-VulDB
ShareView Details
Matching Score-4
Assigner-VulDB
CVSS Score-7.2||HIGH
EPSS-0.43% / 61.84%
||
7 Day CHG~0.00%
Published-29 Jan, 2024 | 13:00
Updated-29 May, 2025 | 15:10
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Totolink N200RE cstecgi.cgi setDiagnosisCfg stack-based overflow

A vulnerability was found in Totolink N200RE 9.3.5u.6139_B20201216. It has been classified as critical. This affects the function setDiagnosisCfg of the file /cgi-bin/cstecgi.cgi. The manipulation of the argument ip leads to stack-based buffer overflow. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-252267. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.

Action-Not Available
Vendor-TOTOLINK
Product-n200re_firmwaren200reN200RE
CWE ID-CWE-121
Stack-based Buffer Overflow
CVE-2024-0997
Matching Score-4
Assigner-VulDB
ShareView Details
Matching Score-4
Assigner-VulDB
CVSS Score-7.2||HIGH
EPSS-0.11% / 30.85%
||
7 Day CHG~0.00%
Published-29 Jan, 2024 | 12:31
Updated-05 Sep, 2024 | 17:53
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Totolink N200RE cstecgi.cgi setOpModeCfg stack-based overflow

A vulnerability was found in Totolink N200RE 9.3.5u.6139_B20201216 and classified as critical. Affected by this issue is the function setOpModeCfg of the file /cgi-bin/cstecgi.cgi. The manipulation of the argument pppoeUser leads to stack-based buffer overflow. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. VDB-252266 is the identifier assigned to this vulnerability. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.

Action-Not Available
Vendor-TOTOLINK
Product-n200re_firmwaren200reN200REn200re_firmware
CWE ID-CWE-121
Stack-based Buffer Overflow
CVE-2021-36301
Matching Score-4
Assigner-Dell
ShareView Details
Matching Score-4
Assigner-Dell
CVSS Score-5.9||MEDIUM
EPSS-13.33% / 93.90%
||
7 Day CHG~0.00%
Published-23 Nov, 2021 | 20:00
Updated-17 Sep, 2024 | 00:56
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Dell iDRAC 9 prior to version 4.40.40.00 and iDRAC 8 prior to version 2.80.80.80 contain a Stack Buffer Overflow in Racadm. An authenticated remote attacker may potentially exploit this vulnerability to control process execution and gain access to the underlying operating system.

Action-Not Available
Vendor-Dell Inc.
Product-emc_idrac8_firmwareemc_idrac9_firmwareIntegrated Dell Remote Access Controller (iDRAC)
CWE ID-CWE-121
Stack-based Buffer Overflow
CWE ID-CWE-787
Out-of-bounds Write
CVE-2024-1001
Matching Score-4
Assigner-VulDB
ShareView Details
Matching Score-4
Assigner-VulDB
CVSS Score-7.2||HIGH
EPSS-0.11% / 30.18%
||
7 Day CHG~0.00%
Published-29 Jan, 2024 | 13:31
Updated-16 Jun, 2025 | 18:29
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Totolink N200RE cstecgi.cgi main stack-based overflow

A vulnerability classified as critical has been found in Totolink N200RE 9.3.5u.6139_B20201216. Affected is the function main of the file /cgi-bin/cstecgi.cgi. The manipulation leads to stack-based buffer overflow. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. VDB-252270 is the identifier assigned to this vulnerability. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.

Action-Not Available
Vendor-TOTOLINK
Product-n200re_firmwaren200reN200RE
CWE ID-CWE-121
Stack-based Buffer Overflow
CVE-2024-0995
Matching Score-4
Assigner-VulDB
ShareView Details
Matching Score-4
Assigner-VulDB
CVSS Score-7.2||HIGH
EPSS-0.11% / 30.74%
||
7 Day CHG~0.00%
Published-29 Jan, 2024 | 02:00
Updated-02 Jun, 2025 | 19:12
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Tenda W6 httpd wifiSSIDset formwrlSSIDset stack-based overflow

A vulnerability was found in Tenda W6 1.0.0.9(4122). It has been rated as critical. Affected by this issue is the function formwrlSSIDset of the file /goform/wifiSSIDset of the component httpd. The manipulation of the argument index leads to stack-based buffer overflow. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-252260. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.

Action-Not Available
Vendor-Tenda Technology Co., Ltd.
Product-w6w6_firmwareW6
CWE ID-CWE-121
Stack-based Buffer Overflow
CWE ID-CWE-787
Out-of-bounds Write
CVE-2024-10238
Matching Score-4
Assigner-def9a96e-e099-41a9-bfac-30fd4f82c411
ShareView Details
Matching Score-4
Assigner-def9a96e-e099-41a9-bfac-30fd4f82c411
CVSS Score-7.2||HIGH
EPSS-0.09% / 26.82%
||
7 Day CHG~0.00%
Published-04 Feb, 2025 | 08:00
Updated-04 Feb, 2025 | 14:33
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
fld->used_bytes without sanity check causes stack overflow

A security issue in the firmware image verification implementation at Supermicro MBD-X12DPG-OA6. An attacker can upload a specially crafted image that will cause a stack overflow is caused by not checking fld->used_bytes.

Action-Not Available
Vendor-SMCI
Product-MBD-X12DPG-OA6
CWE ID-CWE-121
Stack-based Buffer Overflow
CVE-2024-10239
Matching Score-4
Assigner-def9a96e-e099-41a9-bfac-30fd4f82c411
ShareView Details
Matching Score-4
Assigner-def9a96e-e099-41a9-bfac-30fd4f82c411
CVSS Score-7.2||HIGH
EPSS-0.09% / 25.84%
||
7 Day CHG~0.00%
Published-04 Feb, 2025 | 08:02
Updated-04 Feb, 2025 | 14:25
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
fld->used_bytes without sanity check causes stack overflow

A security issue in the firmware image verification implementation at Supermicro MBD-X12DPG-OA6 . An attacker with administrator privileges can upload a specially crafted image, which can cause a stack overflow due to the unchecked fat->fsd.max_fld.

Action-Not Available
Vendor-SMCI
Product-MBD-X12DPG-OA6
CWE ID-CWE-121
Stack-based Buffer Overflow
CVE-2024-0992
Matching Score-4
Assigner-VulDB
ShareView Details
Matching Score-4
Assigner-VulDB
CVSS Score-7.2||HIGH
EPSS-0.11% / 30.74%
||
7 Day CHG~0.00%
Published-29 Jan, 2024 | 01:00
Updated-16 Jun, 2025 | 18:32
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Tenda i6 httpd wifiSSIDset formwrlSSIDset stack-based overflow

A vulnerability was found in Tenda i6 1.0.0.9(3857) and classified as critical. This issue affects the function formwrlSSIDset of the file /goform/wifiSSIDset of the component httpd. The manipulation of the argument index leads to stack-based buffer overflow. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-252257 was assigned to this vulnerability. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.

Action-Not Available
Vendor-Tenda Technology Co., Ltd.
Product-i6i6_firmwarei6
CWE ID-CWE-121
Stack-based Buffer Overflow
CWE ID-CWE-787
Out-of-bounds Write
CVE-2024-0991
Matching Score-4
Assigner-VulDB
ShareView Details
Matching Score-4
Assigner-VulDB
CVSS Score-7.2||HIGH
EPSS-0.10% / 27.29%
||
7 Day CHG~0.00%
Published-29 Jan, 2024 | 01:00
Updated-18 Oct, 2024 | 14:27
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Tenda i6 httpd setcfm formSetCfm stack-based overflow

A vulnerability has been found in Tenda i6 1.0.0.9(3857) and classified as critical. This vulnerability affects the function formSetCfm of the file /goform/setcfm of the component httpd. The manipulation of the argument funcpara1 leads to stack-based buffer overflow. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-252256. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.

Action-Not Available
Vendor-Tenda Technology Co., Ltd.
Product-i6i6_firmwarei6i6
CWE ID-CWE-121
Stack-based Buffer Overflow
CWE ID-CWE-787
Out-of-bounds Write
CVE-2024-1003
Matching Score-4
Assigner-VulDB
ShareView Details
Matching Score-4
Assigner-VulDB
CVSS Score-7.2||HIGH
EPSS-0.10% / 27.41%
||
7 Day CHG~0.00%
Published-29 Jan, 2024 | 14:31
Updated-17 Jun, 2025 | 21:29
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Totolink N200RE cstecgi.cgi setLanguageCfg stack-based overflow

A vulnerability, which was classified as critical, has been found in Totolink N200RE 9.3.5u.6139_B20201216. Affected by this issue is the function setLanguageCfg of the file /cgi-bin/cstecgi.cgi. The manipulation of the argument lang leads to stack-based buffer overflow. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-252272. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.

Action-Not Available
Vendor-TOTOLINK
Product-n200re_firmwaren200reN200RE
CWE ID-CWE-121
Stack-based Buffer Overflow
CVE-2021-36347
Matching Score-4
Assigner-Dell
ShareView Details
Matching Score-4
Assigner-Dell
CVSS Score-6.2||MEDIUM
EPSS-1.77% / 81.90%
||
7 Day CHG~0.00%
Published-25 Jan, 2022 | 22:15
Updated-16 Sep, 2024 | 19:45
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

iDRAC9 versions prior to 5.00.20.00 and iDRAC8 versions prior to 2.82.82.82 contain a stack-based buffer overflow vulnerability. An authenticated remote attacker with high privileges could potentially exploit this vulnerability to control process execution and gain access to the iDRAC operating system.

Action-Not Available
Vendor-Dell Inc.
Product-integrated_dell_remote_access_controller_9integrated_dell_remote_access_controller_8_firmwareintegrated_dell_remote_access_controller_8integrated_dell_remote_access_controller_9_firmwareIntegrated Dell Remote Access Controller (iDRAC)
CWE ID-CWE-121
Stack-based Buffer Overflow
CWE ID-CWE-787
Out-of-bounds Write
CVE-2023-7218
Matching Score-4
Assigner-VulDB
ShareView Details
Matching Score-4
Assigner-VulDB
CVSS Score-7.2||HIGH
EPSS-0.20% / 42.53%
||
7 Day CHG~0.00%
Published-08 Jan, 2024 | 21:00
Updated-17 Jun, 2025 | 20:39
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Totolink N350RT cstecgi.cgi loginAuth stack-based overflow

A vulnerability, which was classified as critical, was found in Totolink N350RT 9.3.5u.6139_B202012. Affected is the function loginAuth of the file /cgi-bin/cstecgi.cgi. The manipulation of the argument password leads to stack-based buffer overflow. It is possible to launch the attack remotely. The identifier of this vulnerability is VDB-249852. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.

Action-Not Available
Vendor-TOTOLINK
Product-n350rt_firmwaren350rtN350RT
CWE ID-CWE-121
Stack-based Buffer Overflow
CVE-2024-0533
Matching Score-4
Assigner-VulDB
ShareView Details
Matching Score-4
Assigner-VulDB
CVSS Score-7.2||HIGH
EPSS-0.19% / 41.13%
||
7 Day CHG~0.00%
Published-15 Jan, 2024 | 02:31
Updated-13 Jun, 2025 | 19:09
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Tenda A15 Web-based Management Interface SetOnlineDevName stack-based overflow

A vulnerability was found in Tenda A15 15.13.07.13. It has been rated as critical. This issue affects some unknown processing of the file /goform/SetOnlineDevName of the component Web-based Management Interface. The manipulation of the argument devName leads to stack-based buffer overflow. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-250703. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.

Action-Not Available
Vendor-Tenda Technology Co., Ltd.
Product-a15a15_firmwareA15
CWE ID-CWE-121
Stack-based Buffer Overflow
CWE ID-CWE-787
Out-of-bounds Write
CVE-2024-0531
Matching Score-4
Assigner-VulDB
ShareView Details
Matching Score-4
Assigner-VulDB
CVSS Score-7.2||HIGH
EPSS-0.13% / 33.84%
||
7 Day CHG~0.00%
Published-15 Jan, 2024 | 02:00
Updated-03 Jun, 2025 | 14:01
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Tenda A15 Web-based Management Interface setBlackRule stack-based overflow

A vulnerability was found in Tenda A15 15.13.07.13. It has been classified as critical. This affects an unknown part of the file /goform/setBlackRule of the component Web-based Management Interface. The manipulation of the argument deviceList leads to stack-based buffer overflow. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-250701 was assigned to this vulnerability. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.

Action-Not Available
Vendor-Tenda Technology Co., Ltd.
Product-a15a15_firmwareA15
CWE ID-CWE-121
Stack-based Buffer Overflow
CWE ID-CWE-787
Out-of-bounds Write
CVE-2023-7219
Matching Score-4
Assigner-VulDB
ShareView Details
Matching Score-4
Assigner-VulDB
CVSS Score-7.2||HIGH
EPSS-0.09% / 26.24%
||
7 Day CHG~0.00%
Published-09 Jan, 2024 | 06:00
Updated-03 Jun, 2025 | 14:33
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Totolink N350RT cstecgi.cgi loginAuth stack-based overflow

A vulnerability has been found in Totolink N350RT 9.3.5u.6139_B202012 and classified as critical. Affected by this vulnerability is the function loginAuth of the file /cgi-bin/cstecgi.cgi. The manipulation of the argument http_host leads to stack-based buffer overflow. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-249853 was assigned to this vulnerability. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.

Action-Not Available
Vendor-TOTOLINK
Product-n350rt_firmwaren350rtN350RT
CWE ID-CWE-121
Stack-based Buffer Overflow
CVE-2024-0532
Matching Score-4
Assigner-VulDB
ShareView Details
Matching Score-4
Assigner-VulDB
CVSS Score-8.6||HIGH
EPSS-0.34% / 55.85%
||
7 Day CHG~0.00%
Published-15 Jan, 2024 | 02:00
Updated-14 May, 2025 | 14:40
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Tenda A15 Web-based Management Interface WifiExtraSet set_repeat5 stack-based overflow

A vulnerability was found in Tenda A15 15.13.07.13. It has been declared as critical. This vulnerability affects the function set_repeat5 of the file /goform/WifiExtraSet of the component Web-based Management Interface. The manipulation of the argument wpapsk_crypto2_4g/wpapsk_crypto5g leads to stack-based buffer overflow. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.

Action-Not Available
Vendor-Tenda Technology Co., Ltd.
Product-a15a15_firmwareA15
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CWE ID-CWE-121
Stack-based Buffer Overflow
CWE ID-CWE-787
Out-of-bounds Write
CVE-2024-0534
Matching Score-4
Assigner-VulDB
ShareView Details
Matching Score-4
Assigner-VulDB
CVSS Score-7.2||HIGH
EPSS-0.12% / 31.11%
||
7 Day CHG~0.00%
Published-15 Jan, 2024 | 02:31
Updated-17 Jun, 2025 | 21:19
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Tenda A15 Web-based Management Interface SetOnlineDevName stack-based overflow

A vulnerability classified as critical has been found in Tenda A15 15.13.07.13. Affected is an unknown function of the file /goform/SetOnlineDevName of the component Web-based Management Interface. The manipulation of the argument mac leads to stack-based buffer overflow. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-250704. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.

Action-Not Available
Vendor-Tenda Technology Co., Ltd.
Product-a15a15_firmwareA15
CWE ID-CWE-121
Stack-based Buffer Overflow
CWE ID-CWE-787
Out-of-bounds Write
  • Previous
  • 1
  • 2
  • 3
  • 4
  • 5
  • Next
Details not found