Logo
-

Byte Open Security

(ByteOS Network)

Log In

Sign Up

ByteOS

Security
Vulnerability Details
Registries
Custom Views
Weaknesses
Attack Patterns
Filters & Tools
Vulnerability Details :

CVE-2024-25139

Summary
Assigner-mitre
Assigner Org ID-8254265b-2729-46b6-b9e3-3dfca2d5bfca
Published At-14 Mar, 2024 | 00:00
Updated At-05 Aug, 2024 | 13:21
Rejected At-
Credits

In TP-Link Omada er605 1.0.1 through (v2.6) 2.2.3, a cloud-brd binary is susceptible to an integer overflow that leads to a heap-based buffer overflow. After heap shaping, an attacker can achieve code execution in the context of the cloud-brd binary that runs at the root level. This is fixed in ER605(UN)_v2_2.2.4 Build 020240119.

Vendors
-
Not available
Products
-
Metrics (CVSS)
VersionBase scoreBase severityVector
Weaknesses
Attack Patterns
Solution/Workaround
References
HyperlinkResource Type
EPSS History
Score
Latest Score
-
N/A
No data available for selected date range
Percentile
Latest Percentile
-
N/A
No data available for selected date range
Stakeholder-Specific Vulnerability Categorization (SSVC)
▼Common Vulnerabilities and Exposures (CVE)
cve.org
Assigner:mitre
Assigner Org ID:8254265b-2729-46b6-b9e3-3dfca2d5bfca
Published At:14 Mar, 2024 | 00:00
Updated At:05 Aug, 2024 | 13:21
Rejected At:
▼CVE Numbering Authority (CNA)

In TP-Link Omada er605 1.0.1 through (v2.6) 2.2.3, a cloud-brd binary is susceptible to an integer overflow that leads to a heap-based buffer overflow. After heap shaping, an attacker can achieve code execution in the context of the cloud-brd binary that runs at the root level. This is fixed in ER605(UN)_v2_2.2.4 Build 020240119.

Affected Products
Vendor
n/a
Product
n/a
Versions
Affected
  • n/a
Problem Types
TypeCWE IDDescription
textN/An/a
Type: text
CWE ID: N/A
Description: n/a
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
https://www.tp-link.com/us/omada-sdn/
N/A
https://github.com/microsoft/Microsoft-TP-Link-Research-Team
N/A
Hyperlink: https://www.tp-link.com/us/omada-sdn/
Resource: N/A
Hyperlink: https://github.com/microsoft/Microsoft-TP-Link-Research-Team
Resource: N/A
▼Authorized Data Publishers (ADP)
1. CVE Program Container
Affected Products
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
https://www.tp-link.com/us/omada-sdn/
x_transferred
https://github.com/microsoft/Microsoft-TP-Link-Research-Team
x_transferred
Hyperlink: https://www.tp-link.com/us/omada-sdn/
Resource:
x_transferred
Hyperlink: https://github.com/microsoft/Microsoft-TP-Link-Research-Team
Resource:
x_transferred
2. CISA ADP Vulnrichment
Affected Products
Vendor
TP-Link Systems Inc.tp-link
Product
omada_er605
CPEs
  • cpe:2.3:a:tp-link:omada_er605:*:*:*:*:*:*:*:*
Default Status
unknown
Versions
Affected
  • From 0 before 2.2.4 (custom)
Problem Types
TypeCWE IDDescription
CWECWE-120CWE-120 Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
Type: CWE
CWE ID: CWE-120
Description: CWE-120 Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
Metrics
VersionBase scoreBase severityVector
3.110.0CRITICAL
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
Version: 3.1
Base score: 10.0
Base severity: CRITICAL
Vector:
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
Information is not available yet
▼National Vulnerability Database (NVD)
nvd.nist.gov
Source:cve@mitre.org
Published At:14 Mar, 2024 | 16:15
Updated At:18 Sep, 2025 | 16:30

In TP-Link Omada er605 1.0.1 through (v2.6) 2.2.3, a cloud-brd binary is susceptible to an integer overflow that leads to a heap-based buffer overflow. After heap shaping, an attacker can achieve code execution in the context of the cloud-brd binary that runs at the root level. This is fixed in ER605(UN)_v2_2.2.4 Build 020240119.

CISA Catalog
Date AddedDue DateVulnerability NameRequired Action
N/A
Date Added: N/A
Due Date: N/A
Vulnerability Name: N/A
Required Action: N/A
Metrics
TypeVersionBase scoreBase severityVector
Secondary3.110.0CRITICAL
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
Type: Secondary
Version: 3.1
Base score: 10.0
Base severity: CRITICAL
Vector:
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
CPE Matches
TP-Link Systems Inc.
tp-link
>>omada_er605_firmware>>Versions from 1.0(inclusive) to 2.2.3(inclusive)
cpe:2.3:o:tp-link:omada_er605_firmware:*:*:*:*:*:*:*:*
TP-Link Systems Inc.
tp-link
>>omada_er605>>2.6
cpe:2.3:h:tp-link:omada_er605:2.6:*:*:*:*:*:*:*
Weaknesses
CWE IDTypeSource
CWE-120Secondary134c704f-9b21-4f2e-91b3-4a467353bcc0
CWE ID: CWE-120
Type: Secondary
Source: 134c704f-9b21-4f2e-91b3-4a467353bcc0
Evaluator Description
Evaluator Impact

Evaluator Solution

Vendor Statements
References
HyperlinkSourceResource
https://github.com/microsoft/Microsoft-TP-Link-Research-Teamcve@mitre.org
Third Party Advisory
https://www.tp-link.com/us/omada-sdn/cve@mitre.org
Product
https://github.com/microsoft/Microsoft-TP-Link-Research-Teamaf854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
https://www.tp-link.com/us/omada-sdn/af854a3a-2127-422b-91ae-364da2661108
Product
Hyperlink: https://github.com/microsoft/Microsoft-TP-Link-Research-Team
Source: cve@mitre.org
Resource:
Third Party Advisory
Hyperlink: https://www.tp-link.com/us/omada-sdn/
Source: cve@mitre.org
Resource:
Product
Hyperlink: https://github.com/microsoft/Microsoft-TP-Link-Research-Team
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Third Party Advisory
Hyperlink: https://www.tp-link.com/us/omada-sdn/
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Product

Change History

0
Information is not available yet

Similar CVEs

62Records found
CVE-2021-33972
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-10||CRITICAL
EPSS-0.13% / 32.32%
||
7 Day CHG+0.02%
Published-19 Apr, 2023 | 00:00
Updated-05 Feb, 2025 | 17:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Buffer Overflow vulnerability in Qihoo 360 Safe Browser v13.0.2170.0 allows attacker to escalate priveleges.

Action-Not Available
Vendor-browser.360n/a
Product-safe_browsern/a
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2023-4260
Matching Score-4
Assigner-Zephyr Project
ShareView Details
Matching Score-4
Assigner-Zephyr Project
CVSS Score-6.3||MEDIUM
EPSS-0.26% / 49.02%
||
7 Day CHG~0.00%
Published-26 Sep, 2023 | 19:23
Updated-13 Feb, 2025 | 17:17
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Potential off-by-one buffer overflow vulnerability in the Zephyr FS subsystem

Potential off-by-one buffer overflow vulnerability in the Zephyr fuse file system.

Action-Not Available
Vendor-Zephyr Project
Product-zephyrZephyr
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CWE ID-CWE-193
Off-by-one Error
CVE-2023-1424
Matching Score-4
Assigner-Mitsubishi Electric Corporation
ShareView Details
Matching Score-4
Assigner-Mitsubishi Electric Corporation
CVSS Score-10||CRITICAL
EPSS-2.78% / 85.75%
||
7 Day CHG+0.27%
Published-24 May, 2023 | 04:39
Updated-05 Mar, 2025 | 18:59
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Denial-of-Service and Remote Code Execution Vulnerability in MELSEC Series CPU module

Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') vulnerability in Mitsubishi Electric Corporation MELSEC iQ-F Series CPU modules and MELSEC iQ-R Series CPU modules allows a remote unauthenticated attacker to cause a denial of service (DoS) condition or execute malicious code on a target product by sending specially crafted packets. A system reset of the product is required for recovery from a denial of service (DoS) condition and malicious code execution.

Action-Not Available
Vendor-Mitsubishi Electric Corporation
Product-melsec_iq-fx5uc-32mt\/dss-tsmelsec_iq-fx5u-64mr\/esmelsec_iq-fx5u-80mr\/dssmelsec_iq-fx5uc-96mr\/ddsmelsec_iq-fx5uc-32mt\/ds_firmwaremelsec_iq-fx5u-32mr\/esmelsec_iq-fx5u-32mt\/dssmelsec_iq-fx5u-32mr\/dss_firmwaremelsec_iq-fx5u-64mr\/ds_firmwaremelsec_iq-fx5u-80mr\/dss_firmwaremelsec_iq-fx5uc-32mr\/ds-ts_firmwaremelsec_iq-fx5uc-96mt\/dsmelsec_iq-fx5u-64mr\/dsmelsec_iq-fx5u-64mt\/es_firmwaremelsec_iq-fx5u-32mr\/ess_firmwaremelsec_iq-fx5uc-32mt\/ds-tsmelsec_iq-fx5u-64mt\/dsmelsec_iq-fx5u-32mt\/esmelsec_iq-fx5u-80mr\/ds_firmwaremelsec_iq-fx5u-64mt\/ess_firmwaremelsec_iq-fx5u-64mr\/es_firmwaremelsec_iq-fx5u-80mt\/ess_firmwaremelsec_iq-fx5u-80mr\/essmelsec_iq-fx5uc-96mt\/ddsmelsec_iq-fx5uc-64mt\/ds_firmwaremelsec_iq-fx5u-80mt\/essmelsec_iq-fx5uc-32mr\/dds_firmwaremelsec_iq-fx5u-32mr\/essmelsec_iq-fx5u-80mt\/esmelsec_iq-fx5u-80mt\/ds_firmwaremelsec_iq-fx5u-64mr\/dss_firmwaremelsec_iq-fx5u-64mr\/ess_firmwaremelsec_iq-fx5u-64mt\/dssmelsec_iq-fx5u-32mt\/es_firmwaremelsec_iq-fx5uc-32mt\/ddsmelsec_iq-fx5u-80mt\/es_firmwaremelsec_iq-fx5u-32mt\/essmelsec_iq-fx5uc-96mt\/ds_firmwaremelsec_iq-fx5uc-32mr\/ds_firmwaremelsec_iq-fx5u-32mr\/dsmelsec_iq-fx5u-64mr\/essmelsec_iq-fx5u-80mr\/ess_firmwaremelsec_iq-fx5uc-32mt\/dsmelsec_iq-fx5u-80mt\/dssmelsec_iq-fx5uc-96mt\/dds_firmwaremelsec_iq-fx5u-80mr\/dsmelsec_iq-fx5uc-32mr\/ddsmelsec_iq-fx5u-32mt\/ess_firmwaremelsec_iq-fx5uc-64mr\/ddsmelsec_iq-fx5uc-64mt\/ddsmelsec_iq-fx5u-80mr\/esmelsec_iq-fx5u-32mr\/ds_firmwaremelsec_iq-fx5uc-32mr\/dsmelsec_iq-fx5uc-32mt\/dds_firmwaremelsec_iq-fx5uc-64mt\/dds_firmwaremelsec_iq-fx5uc-64mt\/dsmelsec_iq-fx5uc-96mr\/dds_firmwaremelsec_iq-fx5u-32mr\/dssmelsec_iq-fx5uc-64mr\/dds_firmwaremelsec_iq-fx5uc-64mr\/ds_firmwaremelsec_iq-fx5u-32mt\/ds_firmwaremelsec_iq-fx5uc-32mt\/ds-ts_firmwaremelsec_iq-fx5u-80mr\/es_firmwaremelsec_iq-fx5u-64mr\/dssmelsec_iq-fx5u-64mt\/esmelsec_iq-fx5u-64mt\/essmelsec_iq-fx5uc-32mt\/dss-ts_firmwaremelsec_iq-fx5u-80mt\/dsmelsec_iq-fx5u-32mt\/dss_firmwaremelsec_iq-fx5u-64mt\/dss_firmwaremelsec_iq-fx5u-32mr\/es_firmwaremelsec_iq-fx5u-64mt\/ds_firmwaremelsec_iq-fx5u-80mt\/dss_firmwaremelsec_iq-fx5u-32mt\/dsmelsec_iq-fx5uc-32mr\/ds-tsmelsec_iq-fx5uc-96mr\/ds_firmwaremelsec_iq-fx5uc-64mr\/dsmelsec_iq-fx5uc-96mr\/dsMELSEC iQ-R Series R04ENCPUMELSEC iQ-F Series FX5UC-96MT/DMELSEC iQ-F Series FX5UC-32MT/DSS-TSMELSEC iQ-F Series FX5UC-96MT/DSSMELSEC iQ-F Series FX5UC-32MT/DSSMELSEC iQ-R Series R16PCPUMELSEC iQ-F Series FX5U-64MT/DSMELSEC iQ-F Series FX5U-64MT/DSSMELSEC iQ-F Series FX5UC-64MT/DMELSEC iQ-F Series FX5U-64MT/ESMELSEC iQ-R Series R120CPUMELSEC iQ-F Series FX5U-80MT/DSMELSEC iQ-F Series FX5U-32MT/DSMELSEC iQ-F Series FX5U-64MT/ESSMELSEC iQ-R Series R16SFCPUMELSEC iQ-F Series FX5U-80MR/DSMELSEC iQ-R Series R32PCPUMELSEC iQ-F Series FX5UC-32MT/DMELSEC iQ-F Series FX5U-32MT/ESSMELSEC iQ-R Series R16CPUMELSEC iQ-R Series R32SFCPUMELSEC iQ-R Series R120PCPUMELSEC iQ-F Series FX5U-32MT/DSSMELSEC iQ-F Series FX5U-80MT/ESSMELSEC iQ-F Series FX5U-80MT/ESMELSEC iQ-F Series FX5U-32MT/ESMELSEC iQ-R Series R08PCPUMELSEC iQ-R Series R08CPUMELSEC iQ-R Series R08SFCPUMELSEC iQ-F Series FX5U-80MR/ESMELSEC iQ-F Series FX5UC-32MT/DS-TSMELSEC iQ-R Series R00CPUMELSEC iQ-R Series R01CPUMELSEC iQ-F Series FX5U-80MT/DSSMELSEC iQ-F Series FX5U-64MR/DSMELSEC iQ-R Series R32CPUMELSEC iQ-R Series R04CPUMELSEC iQ-R Series R120ENCPUMELSEC iQ-F Series FX5U-32MR/ESMELSEC iQ-F Series FX5U-64MR/ESMELSEC iQ-F Series FX5UC-32MR/DS-TSMELSEC iQ-R Series R02CPUMELSEC iQ-R Series R08ENCPUMELSEC iQ-R Series R16ENCPUMELSEC iQ-R Series R120SFCPUMELSEC iQ-F Series FX5U-32MR/DSMELSEC iQ-F Series FX5UC-64MT/DSSMELSEC iQ-R Series R32ENCPU
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2023-24482
Matching Score-4
Assigner-Siemens
ShareView Details
Matching Score-4
Assigner-Siemens
CVSS Score-10||CRITICAL
EPSS-0.36% / 57.47%
||
7 Day CHG-0.05%
Published-14 Feb, 2023 | 10:36
Updated-20 Mar, 2025 | 16:14
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability has been identified in COMOS V10.2 (All versions), COMOS V10.3.3.1 (All versions < V10.3.3.1.45), COMOS V10.3.3.2 (All versions < V10.3.3.2.33), COMOS V10.3.3.3 (All versions < V10.3.3.3.9), COMOS V10.3.3.4 (All versions < V10.3.3.4.6), COMOS V10.4.0.0 (All versions < V10.4.0.0.31), COMOS V10.4.1.0 (All versions < V10.4.1.0.32), COMOS V10.4.2.0 (All versions < V10.4.2.0.25). Cache validation service in COMOS is vulnerable to Structured Exception Handler (SEH) based buffer overflow. This could allow an attacker to execute arbitrary code on the target system or cause denial of service condition.

Action-Not Available
Vendor-Siemens AG
Product-comosCOMOS V10.3.3.1COMOS V10.3.3.3COMOS V10.3.3.4COMOS V10.3.3.2COMOS V10.4.2.0COMOS V10.2COMOS V10.4.0.0COMOS V10.4.1.0
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2021-33975
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-10||CRITICAL
EPSS-0.32% / 54.91%
||
7 Day CHG+0.04%
Published-19 Apr, 2023 | 00:00
Updated-05 Feb, 2025 | 16:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Buffer Overflow vulnerability in Qihoo 360 Total Security v10.8.0.1060 and v10.8.0.1213 allows attacker to escalate privileges.

Action-Not Available
Vendor-browser.360n/a
Product-safe_browsern/a
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2022-32548
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-10||CRITICAL
EPSS-59.25% / 98.19%
||
7 Day CHG~0.00%
Published-29 Aug, 2022 | 05:38
Updated-03 Aug, 2024 | 07:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An issue was discovered on certain DrayTek Vigor routers before July 2022 such as the Vigor3910 before 4.3.1.1. /cgi-bin/wlogin.cgi has a buffer overflow via the username or password to the aa or ab field.

Action-Not Available
Vendor-n/aDrayTek Corp.
Product-vigor2866ax_firmwarevigor165_firmwarevigor2927vacvigor2952p_firmwarevigor2865_firmwarevigor3910_firmwarevigor2762vacvigor3220_firmwarevigor2927vigor2915ac_firmwarevigor2766vacvigor2865vac_firmwarevigor2862acvigor2926vac_firmwarevigor2133ac_firmwarevigor2862b_firmwarevigor2133acvigor2862bn_firmwarevigor2762vigor2862lvigor2135vigor2865lac_firmwarevigor2862bvigor166_firmwarevigor1000b_firmwarevigor2862ln_firmwarevigor166vigor2866acvigor2866vacvigor2962p_firmwarevigor2135vac_firmwarevigor2927vac_firmwarevigor2133vacvigor2927l_firmwarevigor2133fvacvigor2133n_firmwarevigor3910vigor2862lnvigor1000bvigor2962pvigor2620l_firmwarevigor2766vac_firmwarevigor2862vacvigor2926n_firmwarevigor2927lacvigorlte_200n_firmwarevigor2865lvigor2866lvigor2865acvigor2620lnvigor2862nvigor2862l_firmwarevigor2766_firmwarevigor2762nvigor2865lacvigor2926vacvigor2765ac_firmwarevigor2926lac_firmwarevigor2926nvigor2762acvigor2135vacvigor2927ax_firmwarevigor2135acvigor3220vigor2927acvigor2866lac_firmwarevigor2952_firmwarevigor2766ac_firmwarevigor2620ln_firmwarevigor2133vac_firmwarevigor2766vigor2866_firmwarevigor2915vigor2926vigor2926ac_firmwarevigor2862vigorlte_200nvigor2865ax_firmwarevigor2866vigor2862lac_firmwarevigor2133vigor2952vigor2862bnvigor2927_firmwarevigor2962vigor2762ac_firmwarevigor2866l_firmwarevigor2135fvacvigor2762_firmwarevigor2926l_firmwarevigor2926lvigor2765acvigor2765vac_firmwarevigor2762vac_firmwarevigor2765vacvigor2926acvigor2915_firmwarevigor2862n_firmwarevigor2762n_firmwarevigor2866axvigor2133fvac_firmwarevigor2620lvigor2766acvigor2926_firmwarevigor2862ac_firmwarevigor2915acvigor2927lac_firmwarevigor2865vigor2962_firmwarevigor2133nvigor2135fvac_firmwarevigor2765vigor2832vigor2862vac_firmwarevigor2952pvigor2926lacvigor2133_firmwarevigor2765_firmwarevigor2865l_firmwarevigor2865ac_firmwarevigor2135_firmwarevigor2865axvigor2832_firmwarevigor2866lacvigor2866vac_firmwarevigor2862lacvigor2866ac_firmwarevigor2865vacvigor2927axvigor2862_firmwarevigor2135ac_firmwarevigor2927lvigor165vigor2926lnvigor2927ac_firmwarevigor2926ln_firmwaren/a
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2022-31481
Matching Score-4
Assigner-Carrier Global Corporation
ShareView Details
Matching Score-4
Assigner-Carrier Global Corporation
CVSS Score-10||CRITICAL
EPSS-1.24% / 78.94%
||
7 Day CHG~0.00%
Published-06 Jun, 2022 | 16:38
Updated-16 Sep, 2024 | 16:12
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Remote Code Execution via buffer overflow in firmware update process

An unauthenticated attacker can send a specially crafted update file to the device that can overflow a buffer. This vulnerability impacts products based on HID Mercury Intelligent Controllers LP1501, LP1502, LP2500, LP4502, and EP4502 which contain firmware versions prior to 1.302 for the LP series and 1.296 for the EP series. The overflowed data can allow the attacker to manipulate the “normal” code execution to that of their choosing. An attacker with this level of access on the device can monitor all communications sent to and from this device, modify onboard relays, change configuration files, or cause the device to become unstable.

Action-Not Available
Vendor-carrierhidglobalLenelS2HID Mercury
Product-lenels2_lnl-x2210lp2500_firmwareep4502lp2500lenels2_s2-lp-2500lenels2_lnl-x2220lenels2_s2-lp-4502_firmwarelenels2_s2-lp-4502lenels2_lnl-x4420lenels2_lnl-x3300lenels2_lnl-x3300_firmwarelenels2_s2-lp-1502ep4502_firmwarelenels2_s2-lp-1502_firmwarelenels2_lnl-4420lenels2_lnl-x2220_firmwarelenels2_lnl-x4420_firmwarelenels2_lnl-4420_firmwarelenels2_s2-lp-2500_firmwarelenels2_s2-lp-1501lp4502lp1501lenels2_s2-lp-1501_firmwarelp1502lenels2_lnl-x2210_firmwarelp1501_firmwarelp4502_firmwarelp1502_firmwareLP2500LNL-X2210S2-LP-1502LNL-4420LP1502S2-LP-2500S2-LP-4502EP4502LP4502LP1501S2-LP-1501LNL-X3300LNL-X4420LNL-X2220
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2022-22570
Matching Score-4
Assigner-HackerOne
ShareView Details
Matching Score-4
Assigner-HackerOne
CVSS Score-10||CRITICAL
EPSS-0.54% / 67.22%
||
7 Day CHG~0.00%
Published-01 Apr, 2022 | 22:17
Updated-03 Aug, 2024 | 03:14
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A buffer overflow vulnerability found in the UniFi Door Access Reader Lite’s (UA Lite) firmware (Version 3.8.28.24 and earlier) allows a malicious actor who has gained access to a network to control all connected UA devices. This vulnerability is fixed in Version 3.8.31.13 and later.

Action-Not Available
Vendor-n/aUbiquiti Inc.
Product-ua_lite_firmwareua_liteUniFi Door Access Reader Lite
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2022-20827
Matching Score-4
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-4
Assigner-Cisco Systems, Inc.
CVSS Score-9||CRITICAL
EPSS-5.84% / 90.34%
||
7 Day CHG~0.00%
Published-10 Aug, 2022 | 08:12
Updated-01 Nov, 2024 | 18:54
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Cisco Small Business RV Series Routers Vulnerabilities

Multiple vulnerabilities in Cisco Small Business RV160, RV260, RV340, and RV345 Series Routers could allow an unauthenticated, remote attacker to execute arbitrary code or cause a denial of service (DoS) condition on an affected device. For more information about these vulnerabilities, see the Details section of this advisory.

Action-Not Available
Vendor-Cisco Systems, Inc.
Product-rv260_firmwarerv340_firmwarerv345prv345rv160w_firmwarerv160_firmwarerv260w_firmwarerv345p_firmwarerv340w_firmwarerv160wrv260rv260wrv340wrv260prv345_firmwarerv340rv260p_firmwarerv160Cisco Small Business RV Series Router Firmware
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2022-22683
Matching Score-4
Assigner-Synology Inc.
ShareView Details
Matching Score-4
Assigner-Synology Inc.
CVSS Score-10||CRITICAL
EPSS-3.55% / 87.41%
||
7 Day CHG~0.00%
Published-28 Jul, 2022 | 07:00
Updated-14 Jan, 2025 | 19:29
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Buffer copy without checking size of input ('Classic Buffer Overflow') vulnerability in cgi component in Synology Media Server before 1.8.1-2876 allows remote attackers to execute arbitrary code via unspecified vectors.

Action-Not Available
Vendor-Synology, Inc.
Product-diskstation_managermedia_serverrouter_managerMedia Server
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2024-23616
Matching Score-4
Assigner-Exodus Intelligence
ShareView Details
Matching Score-4
Assigner-Exodus Intelligence
CVSS Score-10||CRITICAL
EPSS-6.30% / 90.73%
||
7 Day CHG~0.00%
Published-25 Jan, 2024 | 23:32
Updated-23 Aug, 2024 | 19:17
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Symantec Server Management Suite Buffer Overflow

A buffer overflow vulnerability exists in Symantec Server Management Suite version 7.9 and before. A remote, anonymous attacker can exploit this vulnerability to achieve remote code execution as SYSTEM.

Action-Not Available
Vendor-Broadcom Inc.Symantec Corporation
Product-symantec_server_management_suiteServer Management Suiteserver_management_suite
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2024-23613
Matching Score-4
Assigner-Exodus Intelligence
ShareView Details
Matching Score-4
Assigner-Exodus Intelligence
CVSS Score-10||CRITICAL
EPSS-7.65% / 91.70%
||
7 Day CHG~0.00%
Published-25 Jan, 2024 | 23:32
Updated-29 May, 2025 | 15:18
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Symantec Deployment Solution Remote Code Execution

A buffer overflow vulnerability exists in Symantec Deployment Solution version 7.9 when parsing UpdateComputer tokens. A remote, anonymous attacker can exploit this vulnerability to achieve remote code execution as SYSTEM.

Action-Not Available
Vendor-Symantec CorporationBroadcom Inc.
Product-symantec_deployment_solutionsDeployment Solution
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
  • Previous
  • 1
  • 2
  • Next
Details not found