CVE-2024-52024

CVSS 3.1 Score 5.7 of 10 (medium)

Details

Published Nov 5, 2024
CWE ID 120

Summary

CVE-2024-52024 is a newly disclosed vulnerability affecting Netgear XR300 v1.0.3.78, R7000P v1.3.3.154, and R6400 v2 1.0.4.128 routers. The issue lies in the wizpppoe.cgi file, where a stack overflow can be triggered by a specially crafted POST request through the pppoe_localip parameter. Attackers can exploit this vulnerability to cause a Denial of Service (DoS) condition on the affected devices. The flaw poses a significant risk to network availability, so affected devices need prompt patching and mitigation.
