CVE-2024-7441

CVSS 3.1 Score 9.8 of 10 (high)

Details

Published Aug 3, 2024

Updated: Aug 7, 2024

CWE ID 119

CWE ID 121

Summary

CVE-2024-7441 is a critical vulnerability affecting the Vivotek SD9364 VVTK-0103f model, specifically the httpd component. The issue involves a stack-based buffer overflow triggered by manipulating the Content-Length argument. This vulnerability can be exploited remotely and the exploit has been disclosed to the public. The affected release tree of the product is end-of-life, and the vendor has confirmed this. This vulnerability, identified as VDB-273526, impacts the read function and poses a significant risk to unsupported Vivotek SD9364 devices.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

https://app.recordedfuture.com/live/sc/entity/xby989
https://www.cve.org/CVERecord?id=CVE-2024-7441
https://nvd.nist.gov/vuln/detail/CVE-2024-7441

Back to Vulnerability Database

CVE-2024-7441

CVSS 3.1 Score 9.8 of 10 (high)

Details

Summary

Advisories, Assessments, and Mitigations