CVE-2024-51004

CVSS 3.1 Score 5.7 of 10 (medium)

Details

Published Nov 5, 2024
CWE ID 120

Summary

CVE-2024-51004 covers multiple stack overflow vulnerabilities in the Netgear R8500 v1.0.2.160 and R7000P v1.3.3.154 firmware. The flaws are in the usb_device.cgi component and are reachable through the cifs_user, read_access, and write_access parameters. An attacker can trigger them by sending a specially crafted POST request, resulting in a Denial of Service (DoS). The overflows allow memory to be manipulated, potentially leading to system crashes. Users of the affected Netgear models are advised to update their firmware as soon as possible to mitigate this risk.
