CVE-2024-27567 | LBT T300-T390 2.2.1.8 HTTP POST Request config_vpn_pptp vpn_client_ip stack-based overflow

Posted by Angelo Barbosa | Mar 1, 2024 | CVE

A vulnerability has been found in LBT T300-T390 2.2.1.8 and classified as critical. Affected by this vulnerability is the function config_vpn_pptp of the component HTTP POST Request Handler. The manipulation of the argument vpn_client_ip leads to stack-based buffer overflow.

This vulnerability is known as CVE-2024-27567. Access to the local network is required for this attack to succeed. There is no exploit available.

CVE-2024-27567 | LBT T300-T390 2.2.1.8 HTTP POST Request config_vpn_pptp vpn_client_ip stack-based overflow

Related Posts

CVE-2024-28431 | DedeCMS 5.7 /dede/catalog_del.php cross-site request forgery

CVE-2024-6963 | Tenda O3 1.0.0.10 formexeCommand cmdinput stack-based overflow

CVE-2024-1547 | Mozilla Firefox up to 115.8 API improper restriction of rendered ui layers

CVE-2023-51123 | D-Link DIR-815 1.01SSb08.bin POST Request soapcgi_main service Privilege Escalation