CVE-2023-49351

CVSS 3.1 Score 9.8 of 10 (high)

Attack Complexity low
Confidentiality high
Integrity high
Availability high
Scope unchanged
Privileges Required none

Details

Published Jan 16, 2024
Updated: Jan 30, 2024
CWE ID 787

Summary

CVE-2023-49351 is a stack-based buffer overflow vulnerability affecting the /bin/webs binary in Edimax BR6478AC V2 firmware version v1.23. The issue arises due to an inappropriate usage of the strcpy() function, which enables attackers to overwrite other values located on the stack. This vulnerability could potentially be exploited to execute arbitrary code or cause a denial-of-service condition. Users are advised to update their firmware to a patched version as soon as possible to mitigate this risk.

Ligh bulbPrevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Share