CVE-2024-40086

A Buffer Overflow vulnerability in the local_app_set_router_wifi_SSID_PWD function of Vilo 5 Mesh WiFi System <= 5.16.1.33 allows remote, unauthenticated attackers to execute arbitrary code via a password field larger than 64 bytes in length.
Configurations

No configuration.

History

23 Oct 2024, 15:12

Type Values Removed Values Added
Summary
  • (es) Una vulnerabilidad de desbordamiento de búfer en la función local_app_set_router_wifi_SSID_PWD del sistema WiFi en malla Vilo 5 &lt;= 5.16.1.33 permite a atacantes remotos no autenticados ejecutar código arbitrario a través de un campo de contraseña de más de 64 bytes de longitud.

22 Oct 2024, 17:35

Type Values Removed Values Added
CWE CWE-120
CVSS v2 : unknown
v3 : unknown
v2 : unknown
v3 : 9.6

21 Oct 2024, 21:15

Type Values Removed Values Added
New CVE

Information

Published : 2024-10-21 21:15

Updated : 2024-10-23 15:12


NVD link : CVE-2024-40086

Mitre link : CVE-2024-40086

CVE.ORG link : CVE-2024-40086


JSON object : View

Products Affected

No product.

CWE
CWE-120

Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')