CVE-2024-52026
CVSS 3.1 Score 5.7 of 10 (medium)
Details
Published Nov 5, 2024
CWE ID 120
Summary
CVE-2024-52026 is a newly discovered vulnerability affecting Netgear XR300 v1.0.3.78, R7000P v1.3.3.154, and R6400 v2 1.0.4.128 routers. The issue lies within the pppoe_localip parameter in bsw_pppoe.cgi, which is susceptible to a stack overflow. Malicious actors can exploit this vulnerability by sending a crafted POST request, leading to a Denial of Service (DoS) condition. This flaw allows attackers to disrupt the functionality of the affected routers, potentially causing network disruptions.
Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.
Share