CVE-2024-12988 | Netgear R6900P/R7000P 1.3.3.154 HTTP Header sub_16C4C Host buffer overflow

A vulnerability has been found in Netgear R6900P and R7000P 1.3.3.154 and classified as critical. Affected by this vulnerability is the function sub_16C4C of the component HTTP Header Handler. The manipulation of the argument Host leads to buffer overflow.

This vulnerability is known as CVE-2024-12988. The attack can be launched remotely. Furthermore, there is an exploit available.

The vendor was contacted early about this disclosure but did not respond in any way.

It is recommended to apply restrictive firewalling.

The vendor was contacted early about this disclosure but did not respond in any way.

CVE-2024-12988 | Netgear R6900P/R7000P 1.3.3.154 HTTP Header sub_16C4C Host buffer overflow

Related Posts

CVE-2024-8705 | Shandong Star Measurement and Control Equipment Heating Network Wireless Monitoring System 5.6.2 /DataSrvs/UCCGSrv.asmx GetDataKindByType sql injection

CVE-2024-6443 | zephyrproject-rtos Zephyr up to 3.6 zephyr/lib/utils/utf8.c utf8_trunc last_byte_p out-of-bounds (GHSA-gg46-3rh2-v765)

CVE-2024-25417 | flusity CMS 2.33 add_translation.php cross-site request forgery

CVE-2024-35895 | Linux Kernel up to 6.8.4 sockmap local_irq_disable deadlock