CVE-2024-36671
CVSS 3.1 Score 9.8 of 10 (high)
Details
Summary
CVE-2024-36671 is a newly disclosed vulnerability affecting nodemcu versions prior to v3.0.0-release_20240225. This issue involves an integer overflow in the getnum function located within the /modules/struct.c file of the nodemcu software. An attacker could potentially exploit this vulnerability to execute arbitrary code or cause the affected system to crash, leading to denial-of-service conditions. The specific integer overflow can be triggered by supplying specially crafted input to the vulnerable function, posing a significant security risk. It is essential for users to promptly update their nodemcu installations to the latest version to mitigate this threat.
Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.