← Back

CVE-2024-52754

nvd nist
Published: Nov 20, 2024Modified: Nov 22, 2024

JSON object

Loading...
4.9
Vector
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H
Exploitability: 1.2 / Impact: 3.6
Source: NVD

Description

D-LINK DI-8003 v16.07.16A1 was discovered to contain a buffer overflow via the fn parameter in the tgfile_htm function.

Affected (1)

Dlink
1 product
Di 8003 Firmware
Configuration A
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Di 8003 Firmware
Version 16.07.16a1
Running on/withPlatform Versions
Dlink
Di 8003
Version a1

Related CWEs

CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
The product copies an input buffer to an output buffer without verifying that the size of the input buffer is less than the size of the output buffer, leading to a buffer overflow.
CWE-787
Out-of-bounds Write
The product writes data past the end, or before the beginning, of the intended buffer.

References (2)

Source: cve@mitre.org
ExploitThird Party Advisory
Source: cve@mitre.org
Product

Timeline

No history available yet.