Lucene search
K

5908 matches found

NVD
NVD
added 2024/07/08 4:15 p.m.27 views

CVE-2023-49073

A stack-based buffer overflow vulnerability exists in the boa formFilter functionality of Realtek rtl819x Jungle SDK v3.4.11. A specially crafted series of HTTP requests can lead to arbitrary code execution. An attacker can send a sequence of requests to trigger this vulnerability...

7.2CVSS0.00893EPSS
Exploits0References2
OSV
OSV
added 2024/07/08 4:15 p.m.3 views

CVE-2023-45742

An integer overflow vulnerability exists in the boa updateConfigIntoFlash functionality of Realtek rtl819x Jungle SDK v3.4.11. A specially crafted series of HTTP requests can lead to arbitrary code execution. An attacker can send a sequence of requests to trigger this vulnerability...

7.2CVSS6.2AI score0.01178EPSS
Exploits1References2
NVD
NVD
added 2024/07/08 4:15 p.m.20 views

CVE-2023-45742

An integer overflow vulnerability exists in the boa updateConfigIntoFlash functionality of Realtek rtl819x Jungle SDK v3.4.11. A specially crafted series of HTTP requests can lead to arbitrary code execution. An attacker can send a sequence of requests to trigger this vulnerability...

7.2CVSS0.01178EPSS
Exploits1References2
Vulnrichment
Vulnrichment
added 2024/07/08 3:22 p.m.13 views

CVE-2023-49073

A stack-based buffer overflow vulnerability exists in the boa formFilter functionality of Realtek rtl819x Jungle SDK v3.4.11. A specially crafted series of HTTP requests can lead to arbitrary code execution. An attacker can send a sequence of requests to trigger this vulnerability...

7.2CVSS7.9AI score0.00893EPSS
Exploits0References1
CVE
CVE
added 2024/07/08 3:22 p.m.65 views

CVE-2023-49073

CVE-2023-49073 affects Realtek rtl819x Jungle SDK v3.4.11 (boa formFilter) used in LevelOne WBR-6013 and related devices. Talos reports a stack-based buffer overflow in formFilter when processing ip6addr, leading to arbitrary code execution. CVSS 3.1 base score 7.2 (HIGH) with NETWORK attack vect...

7.2CVSS7.3AI score0.00893EPSS
Exploits0References2Affected Software1
Vulnrichment
Vulnrichment
added 2024/07/08 3:22 p.m.16 views

CVE-2023-45742

An integer overflow vulnerability exists in the boa updateConfigIntoFlash functionality of Realtek rtl819x Jungle SDK v3.4.11. A specially crafted series of HTTP requests can lead to arbitrary code execution. An attacker can send a sequence of requests to trigger this vulnerability...

7.2CVSS7.7AI score0.01178EPSS
Exploits1References1
Cvelist
Cvelist
added 2024/07/08 3:22 p.m.23 views

CVE-2023-45742

An integer overflow vulnerability exists in the boa updateConfigIntoFlash functionality of Realtek rtl819x Jungle SDK v3.4.11. A specially crafted series of HTTP requests can lead to arbitrary code execution. An attacker can send a sequence of requests to trigger this vulnerability...

7.2CVSS0.01178EPSS
Exploits1References1
Vulnrichment
Vulnrichment
added 2024/07/08 3:22 p.m.16 views

CVE-2023-50244

Two stack-based buffer overflow vulnerabilities exist in the boa formIpQoS functionality of Realtek rtl819x Jungle SDK v3.4.11. A specially crafted series of HTTP requests can lead to remote code execution. An attacker can send a series of HTTP requests to trigger these vulnerabilities.This...

7.2CVSS8.2AI score0.01413EPSS
Exploits1References1
CVE
CVE
added 2024/07/08 3:22 p.m.49 views

CVE-2023-50243

Realtek rtl819x Jungle SDK v3.4.11 (Boa web server) contains two stack-based buffer overflow vulnerabilities in boa formIpQoS: CVE-2023-50243 (comment) and CVE-2023-50244 (entry_name). Exploitation via specially crafted HTTP requests to /boafrm/formIpQoS can lead to remote code execution; PoCs ar...

7.2CVSS7.6AI score0.01413EPSS
Exploits1References2Affected Software1
Vulnrichment
Vulnrichment
added 2024/07/08 3:22 p.m.16 views

CVE-2023-50243

Two stack-based buffer overflow vulnerabilities exist in the boa formIpQoS functionality of Realtek rtl819x Jungle SDK v3.4.11. A specially crafted series of HTTP requests can lead to remote code execution. An attacker can send a series of HTTP requests to trigger these vulnerabilities.This...

7.2CVSS8.2AI score0.01413EPSS
Exploits1References1
CVE
CVE
added 2024/07/08 3:22 p.m.51 views

CVE-2023-50244

Summary (CVE-2023-50244): Realtek rtl819x Jungle SDK v3.4.11 uses Boa as a web server; the Boa API /boafrm/formIpQoS contains two stack-based buffer overflow conditions in the entry_name and comment handling. Specifically, the issue arises when a crafted HTTP request supplies a long entry_name pa...

7.2CVSS7.6AI score0.01413EPSS
Exploits1References2Affected Software1
CVE
CVE
added 2024/07/08 3:22 p.m.59 views

CVE-2023-50381

CVE-2023-50381 concerns Realtek rtl819x Jungle SDK v3.4.11 (Boa web server) used in LevelOne WBR-6013 and related devices. The flaw occurs in the boa formWsc API, where the targetAPSsid parameter (and related inputs) can be unsafely incorporated into system commands, enabling OS command injection...

7.2CVSS7.5AI score0.03195EPSS
In wildExploits1References2Affected Software1
Vulnrichment
Vulnrichment
added 2024/07/08 3:22 p.m.10 views

CVE-2023-50383

Three os command injection vulnerabilities exist in the boa formWsc functionality of Realtek rtl819x Jungle SDK v3.4.11. A specially crafted series of HTTP requests can lead to arbitrary command execution. An attacker can send a series of HTTP requests to trigger these vulnerabilities.This comman...

7.2CVSS7.7AI score0.01929EPSS
Exploits0References1
Cvelist
Cvelist
added 2024/07/08 3:22 p.m.22 views

CVE-2023-50381

Three os command injection vulnerabilities exist in the boa formWsc functionality of Realtek rtl819x Jungle SDK v3.4.11. A specially crafted series of HTTP requests can lead to arbitrary command execution. An attacker can send a series of HTTP requests to trigger these vulnerabilities.This comman...

7.2CVSS0.03195EPSS
Exploits1References1
CVE
CVE
added 2024/07/08 3:22 p.m.60 views

CVE-2023-50382

CVE-2023-50382 and related vulnerabilities in Realtek rtl819x Jungle SDK v3.4.11 (Boa web server) affect the LevelOne WBR-6013 router. Three OS command injection flaws exist in the boa formWsc API via parameters targetAPSsid, peerPin, localPin, enabling arbitrary command execution. Talos reports ...

7.2CVSS7.5AI score0.01929EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added 2024/07/08 3:22 p.m.25 views

CVE-2023-50382

Three os command injection vulnerabilities exist in the boa formWsc functionality of Realtek rtl819x Jungle SDK v3.4.11. A specially crafted series of HTTP requests can lead to arbitrary command execution. An attacker can send a series of HTTP requests to trigger these vulnerabilities.This comman...

7.2CVSS0.01929EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2024/07/08 3:22 p.m.27 views

CVE-2023-50330

A stack-based buffer overflow vulnerability exists in the boa getInfo functionality of Realtek rtl819x Jungle SDK v3.4.11. A specially crafted series of HTTP requests can lead to remote code execution. An attacker can send a series of HTTP requests to trigger this vulnerability...

7.2CVSS8AI score0.01101EPSS
Exploits0References1
CVE
CVE
added 2024/07/08 3:22 p.m.56 views

CVE-2023-50330

CVE-2023-50330 concerns the Realtek rtl819x Jungle SDK v3.4.11, where the Boa web server’s boa getInfo template is exploitable via a crafted sequence of HTTP requests. The root cause is a stack-based buffer overflow in the translate_control_code path used to URL-encode WPA-PSK values, which can o...

7.2CVSS7.4AI score0.01101EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added 2024/07/08 3:22 p.m.29 views

CVE-2023-49867

A stack-based buffer overflow vulnerability exists in the boa formWsc functionality of Realtek rtl819x Jungle SDK v3.4.11. A specially crafted series of HTTP requests can lead to remote code execution. An attacker can send a series of HTTP requests to trigger this vulnerability...

7.2CVSS0.01101EPSS
Exploits0References1
CVE
CVE
added 2024/07/08 3:22 p.m.68 views

CVE-2023-49867

CVE-2023-49867 describes a stack-based buffer overflow in the Realtek rtl819x Jungle SDK v3.4.11, specifically the boa web server API /boafrm/formWsc. The vulnerability stems from an unsafe handling of the targetAPMac parameter: the code copies hexadecimal characters into a stack buffer (targetAP...

7.2CVSS7.4AI score0.01101EPSS
Exploits0References2Affected Software1
Rows per page
Query Builder