CVE-2023-51635
CVSS 3.0 Score 8.8 of 10 (high)
Details
Published Nov 22, 2024
CWE ID 121
Summary
CVE-2023-51635 is a stack-based buffer overflow vulnerability affecting NETGEAR RAX30 routers. This issue, located in the fing_dil service, allows network-adjacent attackers to execute arbitrary code without requiring authentication. The root cause is insufficient validation of user-supplied data length before copying it to a fixed-buffer. Exploitation of this vulnerability results in remote code execution with root privileges, as identified in ZDI-CAN-19843.
Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.
Share