CVE-2024-7441 | Vivotek SD9364 VVTK-0103f httpd read Content-Length stack-based overflow

A vulnerability was found in Vivotek SD9364 VVTK-0103f. It has been declared as critical. This vulnerability affects the function read of the component httpd. The manipulation of the argument Content-Length leads to stack-based buffer overflow. NOTE: This vulnerability only affects products that are no longer supported by the maintainer.

This vulnerability was named CVE-2024-7441. The attack can be initiated remotely. Furthermore, there is an exploit available.

Vendor was contacted early and confirmed that the affected release tree is end-of-life.

It is recommended to apply restrictive firewalling.

CVE-2024-7441 | Vivotek SD9364 VVTK-0103f httpd read Content-Length stack-based overflow

Related Posts

CVE-2023-49147 | geek Software PDF24 Creator up to 11.15.1 MSI Installer Local Privilege Escalation

CVE-2023-48429 | Siemens SINEC INS up to 1.0 SP2 Update 1 Request status code (ssa-077170)

CVE-2024-49518 | Adobe Substance3D Painter up to 10.1.0 out-of-bounds write (apsb24-86)

CVE-2023-40544 | Westermo Lynx 206-F2G 4.24 TCP Communication cleartext transmission (icsa-24-023-04)