CVE-2024-7441

CVSS 3.1 Score 9.8 of 10 (high)

Details

Published Aug 3, 2024
Updated: Aug 7, 2024
CWE ID 119
CWE ID 121

Summary

CVE-2024-7441 is a critical vulnerability affecting the Vivotek SD9364 VVTK-0103f model, specifically the httpd component. The issue involves a stack-based buffer overflow triggered by manipulating the Content-Length argument. This vulnerability can be exploited remotely and the exploit has been disclosed to the public. The affected release tree of the product is end-of-life, and the vendor has confirmed this. This vulnerability, identified as VDB-273526, impacts the read function and poses a significant risk to unsupported Vivotek SD9364 devices.

Ligh bulbPrevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Share