CVE-2024-50997

CVSS 3.1 Score 5.7 of 10 (medium)

Details

Published Nov 5, 2024

CWE ID 120

Summary

CVE-2024-50997 is a newly discovered vulnerability affecting specific Netgear routers, including the R8500 v1.0.2.160, XR300 v1.0.3.78, R7000P v1.3.3.154, and R6400 v2 1.0.4.128. This issue arises from a stack overflow in the pptp_user_ip parameter at pptp.cgi. Malicious actors can leverage this flaw by sending a crafted POST request to trigger the stack overflow, leading to a Denial of Service (DoS) condition on the targeted router.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

https://app.recordedfuture.com/live/sc/entity/z7RcGo
https://www.cve.org/CVERecord?id=CVE-2024-50997
https://nvd.nist.gov/vuln/detail/CVE-2024-50997

Back to Vulnerability Database

CVE-2024-50997

CVSS 3.1 Score 5.7 of 10 (medium)

Details

Summary

Advisories, Assessments, and Mitigations