Описание
An issue was discovered in ASUSWRT 3.0.0.4.384.20308. There is a stack-based buffer overflow issue in parse_req_queries function in wanduck.c via a long string over UDP, which may lead to an information leak.
Ссылки
- ExploitThird Party Advisory
- ExploitThird Party Advisory
Уязвимые конфигурации
Конфигурация 1
Одновременно
cpe:2.3:o:asus:asuswrt-merlin:3.0.0.4.384.20308:*:*:*:*:*:*:*
cpe:2.3:h:asus:rt-ac68u:-:*:*:*:*:*:*:*
EPSS
Процентиль: 61%
0.00418
Низкий
7.5 High
CVSS3
5 Medium
CVSS2
Дефекты
CWE-120
Связанные уязвимости
CVSS3: 7.5
github
больше 3 лет назад
An issue was discovered in Asuswrt-Merlin 384.6. There is a stack-based buffer overflow issue in parse_req_queries function in wanduck.c via a long string over UDP, which may lead to an information leak.
EPSS
Процентиль: 61%
0.00418
Низкий
7.5 High
CVSS3
5 Medium
CVSS2
Дефекты
CWE-120