Buffer Overflow Vulnerability in Realtek RTL819x Jungle SDK
CVE-2023-45215

7.2HIGH

Key Information:

Vendor: Levelone
Status: Wbr-6013; Rtl819x Jungle Sdk
Vendor: CVE Published:; 8 July 2024

What is CVE-2023-45215?

A stack-based buffer overflow vulnerability has been identified in the boa setRepeaterSsid functionality within the Realtek rtl819x Jungle SDK v3.4.11. This vulnerability arises due to inadequate boundary checking when processing a specifically crafted sequence of network requests. If exploited, an attacker can send a series of malicious requests, potentially leading to arbitrary code execution on the affected device. This type of vulnerability poses a significant risk, allowing unauthorized actions to be performed within the context of the affected system.

Affected Version(s)

rtl819x Jungle SDK v3.4.11

WBR-6013 RER4_A_v3411b_2T2R_LEV_09_170623

References

https://talosintelligence.com/vulnerability_reports/TALOS...

CVSS V3.1

Score:

7.2

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

High

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
Jul 8, 2024
Vulnerability Reserved
Dec 5, 2023

Credit

Discovered by Francesco Benvenuto of Cisco Talos.

JSON

Levelone

What is CVE-2023-45215?

Affected Version(s)

References

CVSS V3.1

Timeline

Credit