Stack-based Buffer Overflow Vulnerability in HOME SPOT CUBE2 by AU
CVE-2024-21780

7.5HIGH

Key Information:

Vendor: Kddi Corporation
Status: Home Spot Cube2
Vendor: CVE Published:; 2 February 2024

🔔 Create Kddi Corporation Vulnerability Alert

What is CVE-2024-21780?

A stack-based buffer overflow vulnerability has been identified in the HOME SPOT CUBE2, specifically in versions V102 and earlier. This vulnerability arises when the device processes a specially crafted command, which may lead to a denial of service (DoS). Notably, the HOME SPOT CUBE2 is no longer supported, meaning that users may not receive future security updates, making them more susceptible to potential exploits.

Affected Version(s)

HOME SPOT CUBE2 V102 and earlier

References

https://www.au.com/support/service/mobile/guide/wlan/home...

https://jvn.jp/en/vu/JVNVU93740658/

CVSS V3.1

Score:

7.5

Severity:

HIGH

Confidentiality:

None

Integrity:

None

Availability:

None

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Feb 2, 2024
Vulnerability Reserved
Jan 25, 2024

CVE-2024-21780 Data

JSON