CVE-2023-50244

Two stack-based buffer overflow vulnerabilities exist in the boa formIpQoS functionality of Realtek rtl819x Jungle SDK v3.4.11. A specially crafted series of HTTP requests can lead to remote code execution. An attacker can send a series of HTTP requests to trigger these vulnerabilities.This stack-based buffer overflow is related to the `entry_name` request's parameter.

CVSS v3 7.2 HIGH

7.2^/10

CVSS v3 : HIGH

Vector :

Exploitability : 1.2 / Impact : 5.9

Attack Vector NETWORK

Attack Complexity LOW

Privileges Required HIGH

User Interaction NONE

Confidentiality Impact HIGH

Integrity Impact HIGH

Availability Impact HIGH

Scope UNCHANGED

References

Link	Resource
https://talosintelligence.com/vulnerability_reports/TALOS-2023-1895	Exploit Third Party Advisory

Configurations

Configuration 1 (hide)

cpe:2.3:a:realtek:rtl819x_jungle_software_development_kit:3.4.11:*:*:*:*:*:*:*

Configuration 2 (hide)

AND

cpe:2.3:o:level1:wbr-6013_firmware:rer4_a_v3411b_2t2r_lev_09_170623:*:*:*:*:*:*:*

cpe:2.3:h:level1:wbr-6013:-:*:*:*:*:*:*:*

History

No history.

Information

Published : 2024-07-08 16:15

Updated : 2024-07-11 16:05

NVD link : CVE-2023-50244

Mitre link : CVE-2023-50244

CVE.ORG link : CVE-2023-50244

JSON object : View

Products Affected

level1

wbr-6013_firmware
wbr-6013

realtek

rtl819x_jungle_software_development_kit

CWE

CWE-787

Out-of-bounds Write

CWE-121

Stack-based Buffer Overflow

{"id": "CVE-2023-50244", "cveTags": [], "metrics": {"cvssMetricV31": [{"type": "Primary", "source": "talos-cna@cisco.com", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 7.2, "attackVector": "NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "HIGH", "confidentialityImpact": "HIGH"}, "impactScore": 5.9, "exploitabilityScore": 1.2}]}, "published": "2024-07-08T16:15:06.437", "references": [{"url": "https://talosintelligence.com/vulnerability_reports/TALOS-2023-1895", "tags": ["Exploit", "Third Party Advisory"], "source": "talos-cna@cisco.com"}], "vulnStatus": "Analyzed", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-787"}]}, {"type": "Secondary", "source": "talos-cna@cisco.com", "description": [{"lang": "en", "value": "CWE-121"}]}], "descriptions": [{"lang": "en", "value": "Two stack-based buffer overflow vulnerabilities exist in the boa formIpQoS functionality of Realtek rtl819x Jungle SDK v3.4.11. A specially crafted series of HTTP requests can lead to remote code execution. An attacker can send a series of HTTP requests to trigger these vulnerabilities.This stack-based buffer overflow is related to the `entry_name` request's parameter."}, {"lang": "es", "value": "Existen dos vulnerabilidades de desbordamiento de b\u00fafer en la regi\u00f3n stack de la memoria en la funcionalidad boa formIpQoS de Realtek rtl819x Jungle SDK v3.4.11. Una serie de solicitudes HTTP especialmente manipuladas pueden conducir a la ejecuci\u00f3n remota de c\u00f3digo. Un atacante puede enviar una serie de solicitudes HTTP para activar estas vulnerabilidades. Este desbordamiento de b\u00fafer en la regi\u00f3n stack de la memoria est\u00e1 relacionado con el par\u00e1metro de solicitud `entry_name`."}], "lastModified": "2024-07-11T16:05:17.420", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:realtek:rtl819x_jungle_software_development_kit:3.4.11:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "7891A085-C128-426B-A8BB-70E688CAAF65"}], "operator": "OR"}]}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:level1:wbr-6013_firmware:rer4_a_v3411b_2t2r_lev_09_170623:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "79082BA3-FBC4-4F38-8897-37E70D7B83D3"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:level1:wbr-6013:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "59DE58EE-DF41-48A2-B048-65A0666808F1"}], "operator": "OR"}], "operator": "AND"}], "sourceIdentifier": "talos-cna@cisco.com"}