CVE-2024-54808

Published: Mar 31, 2025Modified: Jun 17, 2026

9.8

Vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Exploitability: 3.9 / Impact: 5.9

Source: 134c704f-9b21-4f2e-91b3-4a467353bcc0 (Secondary)

Description

Netgear WNR854T 1.5.2 (North America) contains a stack-based buffer overflow vulnerability in the SetDefaultConnectionService function due to an unconstrained use of sscanf. The vulnerability allows for control of the program counter and can be utilized to achieve arbitrary code execution.

Affected (1)

Products: Netgear: Wnr854t Firmware

1 product

Wnr854t Firmware

Configuration A

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Netgear Wnr854t Firmware	Version 1.5.2

Running on/with	Platform Versions
Netgear Wnr854t	All versions

Related CWEs

Stack-based Buffer Overflow

A stack-based buffer overflow condition is a condition where the buffer being overwritten is allocated on the stack (i.e., is a local variable or, rarely, a parameter to a function).

References (1)

https://faultpoint.com/post/2025-03-25-8-cves-on-the-wnr854t-junkyard/#808

Source: cve@mitre.org

ExploitThird Party Advisory

Timeline

No history available yet.