admin/nvd-json-data-feeds
1
0
Fork 0
mirror of https://github.com/fkie-cad/nvd-json-data-feeds.git synced 2025-06-07 05:28:59 +00:00
Code Issues Packages Projects Releases Wiki Activity
nvd-json-data-feeds/CVE-2024/CVE-2024-397xx/CVE-2024-39768.json
cad-safe-bot 4a301a0f3d Auto-Update: 2025-01-19T03:00:20.175811+00:00
2025-01-19 03:03:47 +00:00

60 lines
2.1 KiB
JSON
Raw Blame History

{
"id": "CVE-2024-39768",
"sourceIdentifier": "talos-cna@cisco.com",
"published": "2025-01-14T15:15:22.127",
"lastModified": "2025-01-14T15:15:22.127",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Multiple buffer overflow vulnerabilities exist in the internet.cgi set_qos() functionality of Wavlink AC3000 M33A8.V5030.210505. A specially crafted HTTP request can lead to stack-based buffer overflow. An attacker can make an authenticated HTTP request to trigger these vulnerabilities.This vulnerability exists in the `cli_name` POST parameter."
},
{
"lang": "es",
"value": "Existen m\u00faltiples vulnerabilidades de desbordamiento de b\u00fafer en la funci\u00f3n set_qos() de internet.cgi de Wavlink AC3000 M33A8.V5030.210505. Una solicitud HTTP manipulada especialmente puede provocar un desbordamiento de b\u00fafer basado en la pila. Un atacante puede realizar una solicitud HTTP autenticada para activar estas vulnerabilidades. Esta vulnerabilidad existe en el par\u00e1metro POST `cli_name`."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "talos-cna@cisco.com",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H",
"baseScore": 9.1,
"baseSeverity": "CRITICAL",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"userInteraction": "NONE",
"scope": "CHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 2.3,
"impactScore": 6.0
}
]
},
"weaknesses": [
{
"source": "talos-cna@cisco.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-120"
}
]
}
],
"references": [
{
"url": "https://talosintelligence.com/vulnerability_reports/TALOS-2024-2022",
"source": "talos-cna@cisco.com"
}
]
}
Reference in New Issue View Git Blame Copy Permalink