Stack Overflow Vulnerability in Get_Merge_Mac Function Affects Linksys WRT54G v4.21.5
CVE-2024-41281

8.8HIGH

Key Information:

Vendor: Linksys
Status: Wrt54g Firmware
Vendor: CVE Published:; 19 July 2024

What is CVE-2024-41281?

The Linksys WRT54G router, specifically version 4.21.5, is susceptible to a stack overflow vulnerability in the get_merge_mac function. Attackers could exploit this vulnerability to execute arbitrary code or cause a denial of service condition. Users of the WRT54G are advised to consider immediate updates or security measures to safeguard their network configurations and sensitive data.

References

https://github.com/BuaaIOTTeam/Iot_Linksys/blob/main/Link...

CVSS V3.1

Score:

8.8

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Adjacent Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Jul 19, 2024
Vulnerability Reserved
Jul 18, 2024

CVE-2024-41281 Data

JSON