CVE-2024-52013

CVSS 3.1 Score 5.7 of 10 (medium)

Details

Published Nov 5, 2024

CWE ID 120

Summary

CVE-2024-52013 is a recently disclosed stack overflow vulnerability affecting several Netgear routers, including the R8500 v1.0.2.160, XR300 v1.0.3.78, R7000P v1.3.3.154, and R6400 v2 1.0.4.128. By sending a maliciously crafted POST request to the pptp_user_ip parameter in wiz_pptp.cgi, attackers can exploit this weakness and induce a denial of service (DoS) condition on the targeted devices. This issue poses a significant risk to network availability and necessitates immediate updates to the affected firmware versions.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

https://app.recordedfuture.com/live/sc/entity/0NNrpS
https://www.cve.org/CVERecord?id=CVE-2024-52013
https://nvd.nist.gov/vuln/detail/CVE-2024-52013

Back to Vulnerability Database

CVE-2024-52013

CVSS 3.1 Score 5.7 of 10 (medium)

Details

Summary

Advisories, Assessments, and Mitigations