Buffer Overflow Vulnerability in Brother Network Services
CVE-2024-51979
7.2 HIGH
Key Information:
- Vendor: Brother Industries, Ltd
- CVE Published: 25 June 2025
Badges
👾 Exploit Exists
What is CVE-2024-51979?
An authenticated attacker can exploit a buffer overflow vulnerability in Brother network services. This is triggered by sending a malformed request containing empty Origin and improperly formatted Referer headers to the HTTP (port 80), HTTPS (port 443), or IPP (port 631) services. Specifically, if the host value within the Referer header exceeds 64 bytes, it may result in a stack-based buffer overflow, potentially allowing the attacker to execute arbitrary code or cause a denial of service.
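A defensive check for the request shape described above, as an added example that is not part of the original advisory or Brother's code: it parses a raw HTTP request head and flags an empty Origin header and a Referer host longer than 64 bytes. The sample requests, `printer.example` and the function names are constructed for illustration, and the way the host is cut out of a malformed Referer is an assumption.

```python
import re

MAX_REFERER_HOST = 64  # byte limit stated in the CVE description

def parse_headers(raw_head):
    """Map lowercased header names to values from a raw HTTP request head."""
    headers = {}
    for line in raw_head.split("\r\n")[1:]:  # skip the request line
        if not line:  # blank line ends the header block
            break
        name, _, value = line.partition(":")
        headers[name.strip().lower()] = value.strip()
    return headers

def referer_host(referer):
    """Assumption: host = authority part (userinfo dropped, port kept)."""
    rest = referer.split("://", 1)[-1]
    authority = re.split(r"[/?#]", rest, maxsplit=1)[0]
    return authority.rsplit("@", 1)[-1]

def check_request(raw_head):
    """Return the list of CVE-2024-51979 indicators present in one request."""
    headers = parse_headers(raw_head)
    findings = []
    if headers.get("origin") == "":  # header present but empty
        findings.append("empty-origin")
    host = referer_host(headers.get("referer", ""))
    if len(host.encode("utf-8", "replace")) > MAX_REFERER_HOST:
        findings.append("referer-host-too-long")
    return findings

# Constructed sample requests (not captured traffic).
BENIGN = ("GET / HTTP/1.1\r\nHost: printer.example\r\n"
          "Origin: http://printer.example\r\n"
          "Referer: http://printer.example/\r\n\r\n")
SUSPECT = ("GET / HTTP/1.1\r\nHost: printer.example\r\n"
           "Origin:\r\n"
           "Referer: http://" + "a" * 65 + "/\r\n\r\n")

if __name__ == "__main__":
    for label, req in (("benign", BENIGN), ("suspect", SUSPECT)):
        print(label, check_request(req))
```

For the HTTPS service, a check like this only sees the headers where TLS is terminated, for example at a reverse proxy placed in front of the device.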
Affected Version(s)
ADS-2400N 0
ADS-2800W 0
ADS-3000N 0
CVSS V3.1
Score: 7.2
Severity: HIGH
Confidentiality: High
Integrity: High
Availability: High
Attack Vector: Network
Attack Complexity: Low
Privileges Required: High
User Interaction: None
Scope: Unchanged
Timeline
- 🟡 Public PoC available
- 👾 Exploit known to exist
- Vulnerability published
- Vulnerability Reserved
Credit
Stephen Fewer, Principal Security Researcher at Rapid7