CVE-2023-51635

CVSS 3.0 Score 8.8 of 10 (high)

Details

Published Nov 22, 2024
CWE ID 121

Summary

CVE-2023-51635 is a stack-based buffer overflow vulnerability affecting NETGEAR RAX30 routers. This issue, located in the fing_dil service, allows network-adjacent attackers to execute arbitrary code without requiring authentication. The root cause is insufficient validation of user-supplied data length before copying it to a fixed-buffer. Exploitation of this vulnerability results in remote code execution with root privileges, as identified in ZDI-CAN-19843.

Ligh bulbPrevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Share