CVE-2024-50667

The boa httpd of Trendnet TEW-820AP 1.01.B01 has a stack overflow vulnerability in /boafrm/formIPv6Addr, /boafrm/formIpv6Setup, /boafrm/formDnsv6. The reason is that the check of ipv6 address is not sufficient, which allows attackers to construct payloads for attacks.
Configurations

No configuration.

History

12 Nov 2024, 17:35

Type Values Removed Values Added
CWE CWE-120
CVSS v2 : unknown
v3 : unknown
v2 : unknown
v3 : 9.8

12 Nov 2024, 13:55

Type Values Removed Values Added
Summary
  • (es) El boa httpd de Trendnet TEW-820AP 1.01.B01 tiene una vulnerabilidad de desbordamiento de pila en /boafrm/formIPv6Addr, /boafrm/formIpv6Setup, /boafrm/formDnsv6. La razón es que la comprobación de la dirección IPv6 no es suficiente, lo que permite a los atacantes construir payloads para los ataques.

11 Nov 2024, 19:15

Type Values Removed Values Added
New CVE

Information

Published : 2024-11-11 19:15

Updated : 2024-11-12 17:35


NVD link : CVE-2024-50667

Mitre link : CVE-2024-50667

CVE.ORG link : CVE-2024-50667


JSON object : View

Products Affected

No product.

CWE
CWE-120

Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')