Lucene search

TalosCVELIST:CVE-2023-49073

HistoryJul 08, 2024 - 3:22 p.m.

CVE-2023-49073

2024-07-0815:22:28

CWE-121

talos

www.cve.org

buffer overflow

realtek rtl819x

jungle sdk

CVSS3

7.2

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

HIGH

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

EPSS

0.001

Percentile

17.4%

JSON

A stack-based buffer overflow vulnerability exists in the boa formFilter functionality of Realtek rtl819x Jungle SDK v3.4.11. A specially crafted series of HTTP requests can lead to arbitrary code execution. An attacker can send a sequence of requests to trigger this vulnerability.

CNA Affected

[
  {
    "vendor": "LevelOne",
    "product": "WBR-6013",
    "versions": [
      {
        "version": "RER4_A_v3411b_2T2R_LEV_09_170623",
        "status": "affected"
      }
    ]
  },
  {
    "vendor": "Realtek",
    "product": "rtl819x Jungle SDK",
    "versions": [
      {
        "version": "v3.4.11",
        "status": "affected"
      }
    ]
  }
]

References

talosintelligence.com/vulnerability_reports/TALOS-2023-1875

CVSS3

7.2

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

HIGH

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

EPSS

0.001

Percentile

17.4%

JSON

Related for CVELIST:CVE-2023-49073