CVE-2024-7439 | Vivotek CC8160 VVTK-0100d httpd read Content-Length stack-based overflow

A vulnerability was found in Vivotek CC8160 VVTK-0100d and classified as critical. Affected by this issue is the function read of the component httpd. The manipulation of the argument Content-Length leads to stack-based buffer overflow. NOTE: This vulnerability only affects products that are no longer supported by the maintainer.

This vulnerability is handled as CVE-2024-7439. The attack may be launched remotely. Furthermore, there is an exploit available.

Vendor was contacted early and confirmed that the affected release tree is end-of-life.

It is recommended to apply restrictive firewalling.

CVE-2024-7439 | Vivotek CC8160 VVTK-0100d httpd read Content-Length stack-based overflow

Post correlati

CVE-2024-40885 | Intel Server M20NTP BIOS UEFI Firmware use after free (intel-sa-01175)

CVE-2024-34595 | Samsung Devices up to SMR Feb-2021 Release 1 SystemUI clickAdapterItem access control

CVE-2024-47413 | Adobe Animate up to 23.0.7/24.0.4 use after free (apsb24-76)

CVE-2024-24752 | brefphp bref up to 2.1.12 Multipart Request /tmp RequestHandlerInterface resource consumption (GHSA-x4hh-frx8-98r5)