CVE-2024-25139

In TP-Link Omada er605 1.0.1 through v2.6 2.2.3, a cloud-brd binary is susceptible to an integer overflow that leads to a heap-based buffer overflow. After heap shaping, an attacker can achieve code execution in the context of the cloud-brd binary that runs at the root level. This is fixed in...

The vulnerability of TP-Link Omada er605 microcontroller-based software is caused by a full-integer overflow, allowing an attacker to execute arbitrary code.

The vulnerability of TP-Link Omada er605 microprogramming software is caused by a numerical overflow. Exploiting this vulnerability allows an attacker operating remotely to execute arbitrary code within the context of a binary file named cloud-brd...

CVE-2024-25139

In TP-Link Omada er605 1.0.1 through v2.6 2.2.3, a cloud-brd binary is susceptible to an integer overflow that leads to a heap-based buffer overflow. After heap shaping, an attacker can achieve code execution in the context of the cloud-brd binary that runs at the root level. This is fixed in...

CVE-2024-25139

In TP-Link Omada er605 1.0.1 through v2.6 2.2.3, a cloud-brd binary is susceptible to an integer overflow that leads to a heap-based buffer overflow. After heap shaping, an attacker can achieve code execution in the context of the cloud-brd binary that runs at the root level. This is fixed in...

CVE-2024-25139

CVE-2024-25139 affects TP-Link Omada ER605 firmware versions 1.0.1 through 2.2.3. The root cause is an overflow in the cloud-brd binary due to an integer/heap-related boundary condition, resulting in a heap-based buffer overflow that can enable code execution with root privileges in the cloud-brd...