CVE-2024-52024

CVSS 3.1 Score 5.7 of 10 (medium)

Details

Published Nov 5, 2024

CWE ID 120

Summary

CVE-2024-52024 is a newly disclosed vulnerability affecting Netgear XR300 v1.0.3.78, R7000P v1.3.3.154, and R6400 v2 1.0.4.128 routers. The issue lies within the wizpppoe.cgi file, where a stack overflow can be triggered via a specially crafted POST request using the pppoe_localip parameter. Attackers can exploit this vulnerability to cause a Denial of Service (DoS) condition on the affected devices. This stack overflow flaw poses a significant risk to network availability and requires immediate attention for patching and mitigation measures.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

https://app.recordedfuture.com/live/sc/entity/0NRmdU
https://www.cve.org/CVERecord?id=CVE-2024-52024
https://nvd.nist.gov/vuln/detail/CVE-2024-52024

Back to Vulnerability Database

CVE-2024-52024

CVSS 3.1 Score 5.7 of 10 (medium)

Details

Summary

Advisories, Assessments, and Mitigations