Stack Overflow Vulnerability in LBT-T300-T400 by Shenzhen Libituo Technology Co., Ltd
CVE-2024-40536

5.3MEDIUM

Key Information:

Vendor: Shenzhen Libituo Technology Co., Ltd
Status: LBT-T300-T400
Vendor: CVE Published:; 16 July 2024

🔔 Create Shenzhen Libituo Technology Co., Ltd Vulnerability Alert

What is CVE-2024-40536?

The LBT-T300-T400 device by Shenzhen Libituo Technology Co., Ltd is vulnerable to a stack overflow caused by the improper handling of the pin_3g_code parameter in the config_3g_para function. This flaw may allow an attacker to exploit the vulnerability, potentially leading to unauthorized access or denial of service, emphasizing the need for immediate attention to device configurations and updates.

References

https://github.com/tt01bolt/vul/blob/main/LBT-T300-T400_B...

CVSS V3.1

Score:

5.3

Severity:

MEDIUM

Confidentiality:

None

Integrity:

None

Availability:

None

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Jul 16, 2024

CVE-2024-40536 Data

JSON