Stack-based Buffer Overflow Vulnerability Affects WAB-I1750-PS
CVE-2024-43689

9.8CRITICAL

Key Information:

Vendor: Elecom Co.,ltd.
Status: Wab-i1750-ps; Wab-m1775-ps; Wab-s1167-ps; Wab-s1775
Vendor: CVE Published:; 21 October 2024

Summary

A stack-based buffer overflow vulnerability has been identified in ELECOM wireless access points. The vulnerability arises when the devices process specially crafted HTTP requests, leading to the potential execution of arbitrary code. This security flaw poses a significant risk as it can be exploited by attackers to gain unauthorized control over the affected devices, compromising the network's integrity and security. Users are advised to apply available security patches and follow best practices for network security management.

Affected Version(s)

WAB-I1750-PS v1.5.10 and earlier

WAB-M1775-PS v2.1.4 and earlier

WAB-S1167-PS v1.5.6 and earlier

References

https://www.elecom.co.jp/news/security/20240827-01/

https://jvn.jp/en/jp/JVN24885537/

CVSS V3.1

Score:

9.8

Severity:

CRITICAL

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
Oct 21, 2024
Vulnerability Reserved
Aug 16, 2024