Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')

The product copies an input buffer to an output buffer without verifying that the size of the input buffer is less than the size of the output buffer, leading to a buffer overflow.

CVEs (4,227)

CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS
CVE-2024-52017 1Netgear 1Xr300 Firmware Jun 17, 2026 Nov 5, 2024 N/A· v4 5.7 MEDIUM· v3 N/A· v2 Netgear XR300 v1.0.3.78 was discovered to contain a stack overflow via the passphrase parameter at bridge_wireless_main.cgi. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted POST reque...Show more Netgear XR300 v1.0.3.78 was discovered to contain a stack overflow via the passphrase parameter at bridge_wireless_main.cgi. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted POST request.Show less
CVE-2024-52016 1Netgear 4R6400v2 Firmware R7000p FirmwareR8500 Firmware+1 more Jun 17, 2026 Nov 5, 2024 N/A· v4 5.7 MEDIUM· v3 N/A· v2 Netgear R8500 v1.0.2.160, XR300 v1.0.3.78, R7000P v1.3.3.154, and R6400 v2 1.0.4.128 were discovered to multiple stack overflow vulnerabilities in the component wlg_adv.cgi via the apmode_dns1_pri and apmode_dns1_sec par...Show more Netgear R8500 v1.0.2.160, XR300 v1.0.3.78, R7000P v1.3.3.154, and R6400 v2 1.0.4.128 were discovered to multiple stack overflow vulnerabilities in the component wlg_adv.cgi via the apmode_dns1_pri and apmode_dns1_sec parameters. These vulnerabilities allow attackers to cause a Denial of Service (DoS) via a crafted POST request.Show less
CVE-2024-52015 1Netgear 4R6400v2 Firmware R7000p FirmwareR8500 Firmware+1 more Jun 17, 2026 Nov 5, 2024 N/A· v4 5.7 MEDIUM· v3 N/A· v2 Netgear R8500 v1.0.2.160, XR300 v1.0.3.78, R7000P v1.3.3.154, and R6400 v2 1.0.4.128 were discovered to contain a stack overflow via the pptp_user_ip parameter at bsw_pptp.cgi. This vulnerability allows attackers to caus...Show more Netgear R8500 v1.0.2.160, XR300 v1.0.3.78, R7000P v1.3.3.154, and R6400 v2 1.0.4.128 were discovered to contain a stack overflow via the pptp_user_ip parameter at bsw_pptp.cgi. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted POST request.Show less
CVE-2024-52014 1Netgear 4R6400v2 Firmware R7000p FirmwareR8500 Firmware+1 more Jun 17, 2026 Nov 5, 2024 N/A· v4 5.7 MEDIUM· v3 N/A· v2 Netgear R8500 v1.0.2.160, XR300 v1.0.3.78, R7000P v1.3.3.154, and R6400 v2 1.0.4.128 were discovered to contain a stack overflow via the pptp_user_ip parameter at genie_pptp.cgi. This vulnerability allows attackers to ca...Show more Netgear R8500 v1.0.2.160, XR300 v1.0.3.78, R7000P v1.3.3.154, and R6400 v2 1.0.4.128 were discovered to contain a stack overflow via the pptp_user_ip parameter at genie_pptp.cgi. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted POST request.Show less
CVE-2024-52013 1Netgear 4R6400v2 Firmware R7000p FirmwareR8500 Firmware+1 more Jun 17, 2026 Nov 5, 2024 N/A· v4 5.7 MEDIUM· v3 N/A· v2 Netgear R8500 v1.0.2.160, XR300 v1.0.3.78, R7000P v1.3.3.154, and R6400 v2 1.0.4.128 were discovered to contain a stack overflow via the pptp_user_ip parameter at wiz_pptp.cgi. This vulnerability allows attackers to caus...Show more Netgear R8500 v1.0.2.160, XR300 v1.0.3.78, R7000P v1.3.3.154, and R6400 v2 1.0.4.128 were discovered to contain a stack overflow via the pptp_user_ip parameter at wiz_pptp.cgi. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted POST request.Show less
CVE-2024-51022 1Netgear 1Xr300 Firmware Jun 17, 2026 Nov 5, 2024 N/A· v4 5.7 MEDIUM· v3 N/A· v2 Netgear XR300 v1.0.3.78 was discovered to contain a stack overflow via the ssid parameter in bridge_wireless_main.cgi. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted POST request.
CVE-2024-51020 1Netgear 1R7000p Firmware Jun 17, 2026 Nov 5, 2024 N/A· v4 5.7 MEDIUM· v3 N/A· v2 Netgear R7000P v1.3.3.154 was discovered to contain a stack overflow via the apn parameter at usbISP_detail_edit.cgi. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted POST request.
CVE-2024-51019 1Netgear 1R7000p Firmware Jun 17, 2026 Nov 5, 2024 N/A· v4 5.7 MEDIUM· v3 N/A· v2 Netgear R7000P v1.3.3.154 was discovered to contain a stack overflow via the pppoe_localnetmask parameter at pppoe.cgi. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted POST request.
CVE-2024-51018 1Netgear 1R7000p Firmware Jun 17, 2026 Nov 5, 2024 N/A· v4 5.7 MEDIUM· v3 N/A· v2 Netgear R7000P v1.3.3.154 was discovered to contain a stack overflow via the pptp_user_netmask parameter at pptp.cgi. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted POST request.
CVE-2024-51017 1Netgear 1R7000p Firmware Jun 17, 2026 Nov 5, 2024 N/A· v4 5.7 MEDIUM· v3 N/A· v2 Netgear R7000P v1.3.3.154 was discovered to contain a stack overflow via the l2tp_user_netmask parameter at l2tp.cgi. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted POST request.
CVE-2024-51016 1Netgear 1Xr300 Firmware Jun 17, 2026 Nov 5, 2024 N/A· v4 5.7 MEDIUM· v3 N/A· v2 Netgear XR300 v1.0.3.78 was discovered to contain a stack overflow via the addName%d parameter in usb_approve.cgi. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted POST request.
CVE-2024-51015 1Netgear 1R7000p Firmware Jun 17, 2026 Nov 5, 2024 N/A· v4 5.7 MEDIUM· v3 N/A· v2 Netgear R7000P v1.3.3.154 was discovered to contain a command injection vulnerability via the device_name2 parameter at operation_mode.cgi. This vulnerability allows attackers to execute arbitrary OS commands via a craft...Show more Netgear R7000P v1.3.3.154 was discovered to contain a command injection vulnerability via the device_name2 parameter at operation_mode.cgi. This vulnerability allows attackers to execute arbitrary OS commands via a crafted request.Show less
CVE-2024-51014 1Netgear 1Xr300 Firmware Jun 17, 2026 Nov 5, 2024 N/A· v4 5.7 MEDIUM· v3 N/A· v2 Netgear XR300 v1.0.3.78 was discovered to contain a stack overflow via the ssid_an parameter in bridge_wireless_main.cgi. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted POST request.
CVE-2024-51013 1Netgear 1R7000p Firmware Jun 17, 2026 Nov 5, 2024 N/A· v4 5.7 MEDIUM· v3 N/A· v2 Netgear R7000P v1.3.3.154 was discovered to contain a stack overflow via the RADIUSAddr%d_wla parameter at wireless.cgi. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted POST request.
CVE-2024-51012 1Netgear 1R8500 Firmware Jun 17, 2026 Nov 5, 2024 N/A· v4 5.7 MEDIUM· v3 N/A· v2 Netgear R8500 v1.0.2.160 was discovered to contain a stack overflow via the ipv6_pri_dns parameter at ipv6_fix.cgi. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted POST request.
CVE-2024-51011 1Netgear 3R6400v2 Firmware R7000p FirmwareXr300 Firmware Jun 17, 2026 Nov 5, 2024 N/A· v4 5.7 MEDIUM· v3 N/A· v2 Netgear XR300 v1.0.3.78, R7000P v1.3.3.154, and R6400 v2 1.0.4.128 was discovered to contain a stack overflow via the pppoe_localip parameter at pppoe.cgi. This vulnerability allows attackers to cause a Denial of Service...Show more Netgear XR300 v1.0.3.78, R7000P v1.3.3.154, and R6400 v2 1.0.4.128 was discovered to contain a stack overflow via the pppoe_localip parameter at pppoe.cgi. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted POST request.Show less
CVE-2024-51007 1Netgear 1Xr300 Firmware Jun 17, 2026 Nov 5, 2024 N/A· v4 5.7 MEDIUM· v3 N/A· v2 Netgear XR300 v1.0.3.78 was discovered to contain a stack overflow via the passphrase parameter at wireless.cgi. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted POST request.
CVE-2024-51006 1Netgear 1R8500 Firmware Jun 17, 2026 Nov 5, 2024 N/A· v4 5.7 MEDIUM· v3 N/A· v2 Netgear R8500 v1.0.2.160 was discovered to contain a stack overflow via the ipv6_static_ip parameter in the ipv6_tunnel function. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted POST...Show more Netgear R8500 v1.0.2.160 was discovered to contain a stack overflow via the ipv6_static_ip parameter in the ipv6_tunnel function. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted POST request.Show less
CVE-2024-51004 1Netgear 2R7000p Firmware R8500 Firmware Jun 17, 2026 Nov 5, 2024 N/A· v4 5.7 MEDIUM· v3 N/A· v2 Netgear R8500 v1.0.2.160 and R7000P v1.3.3.154 were discovered to multiple stack overflow vulnerabilities in the component usb_device.cgi via the cifs_user, read_access, and write_access parameters. These vulnerabilities...Show more Netgear R8500 v1.0.2.160 and R7000P v1.3.3.154 were discovered to multiple stack overflow vulnerabilities in the component usb_device.cgi via the cifs_user, read_access, and write_access parameters. These vulnerabilities allow attackers to cause a Denial of Service (DoS) via a crafted POST request.Show less
CVE-2024-51003 1Netgear 4R6400v2 Firmware R7000p FirmwareR8500 Firmware+1 more Jun 17, 2026 Nov 5, 2024 N/A· v4 5.7 MEDIUM· v3 N/A· v2 Netgear R8500 v1.0.2.160, XR300 v1.0.3.78, R7000P v1.3.3.154, and R6400 v2 1.0.4.128 were discovered to multiple stack overflow vulnerabilities in the component ap_mode.cgi via the apmode_dns1_pri and apmode_dns1_sec par...Show more Netgear R8500 v1.0.2.160, XR300 v1.0.3.78, R7000P v1.3.3.154, and R6400 v2 1.0.4.128 were discovered to multiple stack overflow vulnerabilities in the component ap_mode.cgi via the apmode_dns1_pri and apmode_dns1_sec parameters. These vulnerabilities allow attackers to cause a Denial of Service (DoS) via a crafted POST request.Show less

Previous 1...737475...212 Next