CVE-2024-8408 | Linksys WRT54G 4.21.5 POST Parameter /apply.cgi validate_services_port services_array stack-based overflow

A vulnerability was found in Linksys WRT54G 4.21.5. It has been rated as critical. Affected by this issue is the function validate_services_port of the file /apply.cgi of the component POST Parameter Handler. The manipulation of the argument services_array leads to stack-based buffer overflow.

This vulnerability is handled as CVE-2024-8408. The attack may be launched remotely. Furthermore, there is an exploit available.

The vendor was contacted early about this disclosure but did not respond in any way.

CVE-2024-8408 | Linksys WRT54G 4.21.5 POST Parameter /apply.cgi validate_services_port services_array stack-based overflow

Related Posts

CVE-2024-2318 | ZKTeco ZKBio Media 2.0.0_x64_2024-01-29-1028 Service Port 9999 /pro/common/download fileName path traversal

CVE-2024-1202 | XPodas Octopod prior 1.0 authentication bypass

CVE-2022-48835 | Linux Kernel up to 5.10.107/5.15.30/5.16.16 mpt3sas mpt3sas_base_sync_reply_irqs memory corruption

CVE-2024-29190 | MobSF Mobile-Security-Framework-MobSF up to 3.9.5 Beta Hostname server-side request forgery