Deep Sea Electronics DSE855 Multipart Boundary Stack-Based Buffer Overflow Remote Code Execution Vulnerability: Unauthenticated Remote Code Execution Flaw Affects Deep Sea Electronics Devices
CVE-2024-5948
8.8HIGH
What is CVE-2024-5948?
The vulnerability present in Deep Sea Electronics DSE855 relates to improper handling of multipart boundaries, resulting in a stack-based buffer overflow. This flaw originates from the failure to adequately validate the length of user-supplied data prior to its transfer into a fixed-length stack-based buffer. Network-adjacent attackers can exploit this weakness to execute arbitrary code on affected devices without needing any form of authentication, posing significant security risks to operational environments.
Affected Version(s)
DSE855 1.1.0