Vulnerability-Lookup

CVE-2024-57544 (GCVE-0-2024-57544)

Vulnerability from cvelistv5 – Published: 2025-01-21 00:00 – Updated: 2025-01-22 21:51

Summary

Linksys E8450 v1.2.00.360516 was discovered to contain a buffer overflow vulnerability. The parsed field (lan_ipaddr) is copied to the stack without length verification.

Severity ?

5.5 (Medium)


                        
                          CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L

CWE

Assigner

mitre

References

1 reference

URL	Tags
https://github.com/Wood1314/Linksys_E8450_vul/blo…

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "cvssV3_1": {
              "attackComplexity": "LOW",
              "attackVector": "ADJACENT_NETWORK",
              "availabilityImpact": "LOW",
              "baseScore": 5.5,
              "baseSeverity": "MEDIUM",
              "confidentialityImpact": "LOW",
              "integrityImpact": "LOW",
              "privilegesRequired": "LOW",
              "scope": "UNCHANGED",
              "userInteraction": "NONE",
              "vectorString": "CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L",
              "version": "3.1"
            }
          },
          {
            "other": {
              "content": {
                "id": "CVE-2024-57544",
                "options": [
                  {
                    "Exploitation": "poc"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2025-01-22T21:50:27.040622Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "problemTypes": [
          {
            "descriptions": [
              {
                "cweId": "CWE-120",
                "description": "CWE-120 Buffer Copy without Checking Size of Input (\u0027Classic Buffer Overflow\u0027)",
                "lang": "en",
                "type": "CWE"
              }
            ]
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2025-01-22T21:51:06.737Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "references": [
          {
            "tags": [
              "exploit"
            ],
            "url": "https://github.com/Wood1314/Linksys_E8450_vul/blob/main/6/6.md"
          }
        ],
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "Linksys E8450 v1.2.00.360516 was discovered to contain a buffer overflow vulnerability. The parsed field (lan_ipaddr) is copied to the stack without length verification."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2025-01-21T20:39:30.724Z",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "url": "https://github.com/Wood1314/Linksys_E8450_vul/blob/main/6/6.md"
        }
      ]
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2024-57544",
    "datePublished": "2025-01-21T00:00:00.000Z",
    "dateReserved": "2025-01-09T00:00:00.000Z",
    "dateUpdated": "2025-01-22T21:51:06.737Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1",
  "vulnerability-lookup:meta": {
    "epss": {
      "cve": "CVE-2024-57544",
      "date": "2026-05-19",
      "epss": "0.0021",
      "percentile": "0.43222"
    },
    "nvd": "{\"cve\":{\"id\":\"CVE-2024-57544\",\"sourceIdentifier\":\"cve@mitre.org\",\"published\":\"2025-01-21T21:15:12.510\",\"lastModified\":\"2025-04-22T14:11:20.973\",\"vulnStatus\":\"Analyzed\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"Linksys E8450 v1.2.00.360516 was discovered to contain a buffer overflow vulnerability. The parsed field (lan_ipaddr) is copied to the stack without length verification.\"},{\"lang\":\"es\",\"value\":\"Se descubri\u00f3 que Linksys E8450 v1.2.00.360516 contiene una vulnerabilidad de desbordamiento de b\u00fafer. El campo analizado (lan_ipaddr) se copia a la pila sin verificaci\u00f3n de longitud.\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"134c704f-9b21-4f2e-91b3-4a467353bcc0\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L\",\"baseScore\":5.5,\"baseSeverity\":\"MEDIUM\",\"attackVector\":\"ADJACENT_NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"LOW\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"LOW\",\"integrityImpact\":\"LOW\",\"availabilityImpact\":\"LOW\"},\"exploitabilityScore\":2.1,\"impactScore\":3.4}]},\"weaknesses\":[{\"source\":\"134c704f-9b21-4f2e-91b3-4a467353bcc0\",\"type\":\"Secondary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-120\"}]}],\"configurations\":[{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linksys:e8450_firmware:1.2.00.360516:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"DDF62C66-AF67-4A60-A41E-77C0FB526D53\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:linksys:e8450:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"CFEF3B59-D5D1-4234-9925-FCB53E45AC1A\"}]}]}],\"references\":[{\"url\":\"https://github.com/Wood1314/Linksys_E8450_vul/blob/main/6/6.md\",\"source\":\"cve@mitre.org\",\"tags\":[\"Exploit\",\"Third Party Advisory\"]},{\"url\":\"https://github.com/Wood1314/Linksys_E8450_vul/blob/main/6/6.md\",\"source\":\"134c704f-9b21-4f2e-91b3-4a467353bcc0\",\"tags\":[\"Exploit\",\"Third Party Advisory\"]}]}}",
    "vulnrichment": {
      "containers": "{\"adp\": [{\"title\": \"CISA ADP Vulnrichment\", \"metrics\": [{\"cvssV3_1\": {\"scope\": \"UNCHANGED\", \"version\": \"3.1\", \"baseScore\": 5.5, \"attackVector\": \"ADJACENT_NETWORK\", \"baseSeverity\": \"MEDIUM\", \"vectorString\": \"CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L\", \"integrityImpact\": \"LOW\", \"userInteraction\": \"NONE\", \"attackComplexity\": \"LOW\", \"availabilityImpact\": \"LOW\", \"privilegesRequired\": \"LOW\", \"confidentialityImpact\": \"LOW\"}}, {\"other\": {\"type\": \"ssvc\", \"content\": {\"id\": \"CVE-2024-57544\", \"role\": \"CISA Coordinator\", \"options\": [{\"Exploitation\": \"poc\"}, {\"Automatable\": \"no\"}, {\"Technical Impact\": \"partial\"}], \"version\": \"2.0.3\", \"timestamp\": \"2025-01-22T21:50:27.040622Z\"}}}], \"references\": [{\"url\": \"https://github.com/Wood1314/Linksys_E8450_vul/blob/main/6/6.md\", \"tags\": [\"exploit\"]}], \"problemTypes\": [{\"descriptions\": [{\"lang\": \"en\", \"type\": \"CWE\", \"cweId\": \"CWE-120\", \"description\": \"CWE-120 Buffer Copy without Checking Size of Input (\u0027Classic Buffer Overflow\u0027)\"}]}], \"providerMetadata\": {\"orgId\": \"134c704f-9b21-4f2e-91b3-4a467353bcc0\", \"shortName\": \"CISA-ADP\", \"dateUpdated\": \"2025-01-22T21:50:58.190Z\"}}], \"cna\": {\"affected\": [{\"vendor\": \"n/a\", \"product\": \"n/a\", \"versions\": [{\"status\": \"affected\", \"version\": \"n/a\"}]}], \"references\": [{\"url\": \"https://github.com/Wood1314/Linksys_E8450_vul/blob/main/6/6.md\"}], \"descriptions\": [{\"lang\": \"en\", \"value\": \"Linksys E8450 v1.2.00.360516 was discovered to contain a buffer overflow vulnerability. The parsed field (lan_ipaddr) is copied to the stack without length verification.\"}], \"problemTypes\": [{\"descriptions\": [{\"lang\": \"en\", \"type\": \"text\", \"description\": \"n/a\"}]}], \"providerMetadata\": {\"orgId\": \"8254265b-2729-46b6-b9e3-3dfca2d5bfca\", \"shortName\": \"mitre\", \"dateUpdated\": \"2025-01-21T20:39:30.724Z\"}}}",
      "cveMetadata": "{\"cveId\": \"CVE-2024-57544\", \"state\": \"PUBLISHED\", \"dateUpdated\": \"2025-01-22T21:51:06.737Z\", \"dateReserved\": \"2025-01-09T00:00:00.000Z\", \"assignerOrgId\": \"8254265b-2729-46b6-b9e3-3dfca2d5bfca\", \"datePublished\": \"2025-01-21T00:00:00.000Z\", \"assignerShortName\": \"mitre\"}",
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }
  }
}

VAR-202501-1788

Vulnerability from variot - Updated: 2025-04-25 01:54

Linksys E8450 v1.2.00.360516 was discovered to contain a buffer overflow vulnerability. The parsed field (lan_ipaddr) is copied to the stack without length verification. Linksys of e8450 Firmware has a classic buffer overflow vulnerability.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state. Linksys E8450 is an E-series wireless router from Linksys, an American company. Remote attackers can exploit this vulnerability to execute arbitrary code on the system or cause a denial of service attack

Show details on source website

JSON

To clipboard

{
  "@context": {
    "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
    "affected_products": {
      "@id": "https://www.variotdbs.pl/ref/affected_products"
    },
    "configurations": {
      "@id": "https://www.variotdbs.pl/ref/configurations"
    },
    "credits": {
      "@id": "https://www.variotdbs.pl/ref/credits"
    },
    "cvss": {
      "@id": "https://www.variotdbs.pl/ref/cvss/"
    },
    "description": {
      "@id": "https://www.variotdbs.pl/ref/description/"
    },
    "exploit_availability": {
      "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
    },
    "external_ids": {
      "@id": "https://www.variotdbs.pl/ref/external_ids/"
    },
    "iot": {
      "@id": "https://www.variotdbs.pl/ref/iot/"
    },
    "iot_taxonomy": {
      "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
    },
    "patch": {
      "@id": "https://www.variotdbs.pl/ref/patch/"
    },
    "problemtype_data": {
      "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
    },
    "references": {
      "@id": "https://www.variotdbs.pl/ref/references/"
    },
    "sources": {
      "@id": "https://www.variotdbs.pl/ref/sources/"
    },
    "sources_release_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
    },
    "sources_update_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
    },
    "threat_type": {
      "@id": "https://www.variotdbs.pl/ref/threat_type/"
    },
    "title": {
      "@id": "https://www.variotdbs.pl/ref/title/"
    },
    "type": {
      "@id": "https://www.variotdbs.pl/ref/type/"
    }
  },
  "@id": "https://www.variotdbs.pl/vuln/VAR-202501-1788",
  "affected_products": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "model": "e8450",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "linksys",
        "version": "1.2.00.360516"
      },
      {
        "model": "e8450",
        "scope": "eq",
        "trust": 0.8,
        "vendor": "linksys",
        "version": null
      },
      {
        "model": "e8450",
        "scope": "eq",
        "trust": 0.8,
        "vendor": "linksys",
        "version": "e8450  firmware  1.2.00.360516"
      },
      {
        "model": "e8450",
        "scope": null,
        "trust": 0.8,
        "vendor": "linksys",
        "version": null
      },
      {
        "model": "e8450",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "linksys",
        "version": "v1.2.00.360516"
      }
    ],
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2025-02952"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2025-003862"
      },
      {
        "db": "NVD",
        "id": "CVE-2024-57544"
      }
    ]
  },
  "cve": "CVE-2024-57544",
  "cvss": {
    "@context": {
      "cvssV2": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
      },
      "cvssV3": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
      },
      "severity": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/cvss/severity#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/severity"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "cvssV2": [
          {
            "accessComplexity": "LOW",
            "accessVector": "ADJACENT_NETWORK",
            "authentication": "SINGLE",
            "author": "CNVD",
            "availabilityImpact": "PARTIAL",
            "baseScore": 5.2,
            "confidentialityImpact": "PARTIAL",
            "exploitabilityScore": 5.1,
            "id": "CNVD-2025-02952",
            "impactScore": 6.4,
            "integrityImpact": "PARTIAL",
            "severity": "MEDIUM",
            "trust": 0.6,
            "vectorString": "AV:A/AC:L/Au:S/C:P/I:P/A:P",
            "version": "2.0"
          }
        ],
        "cvssV3": [
          {
            "attackComplexity": "LOW",
            "attackVector": "ADJACENT",
            "author": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
            "availabilityImpact": "LOW",
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "LOW",
            "exploitabilityScore": 2.1,
            "id": "CVE-2024-57544",
            "impactScore": 3.4,
            "integrityImpact": "LOW",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "trust": 1.0,
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L",
            "version": "3.1"
          },
          {
            "attackComplexity": "Low",
            "attackVector": "Adjacent Network",
            "author": "OTHER",
            "availabilityImpact": "Low",
            "baseScore": 5.5,
            "baseSeverity": "Medium",
            "confidentialityImpact": "Low",
            "exploitabilityScore": null,
            "id": "JVNDB-2025-003862",
            "impactScore": null,
            "integrityImpact": "Low",
            "privilegesRequired": "Low",
            "scope": "Unchanged",
            "trust": 0.8,
            "userInteraction": "None",
            "vectorString": "CVSS:3.0/AV:A/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L",
            "version": "3.0"
          }
        ],
        "severity": [
          {
            "author": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
            "id": "CVE-2024-57544",
            "trust": 1.0,
            "value": "MEDIUM"
          },
          {
            "author": "OTHER",
            "id": "JVNDB-2025-003862",
            "trust": 0.8,
            "value": "Medium"
          },
          {
            "author": "CNVD",
            "id": "CNVD-2025-02952",
            "trust": 0.6,
            "value": "MEDIUM"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2025-02952"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2025-003862"
      },
      {
        "db": "NVD",
        "id": "CVE-2024-57544"
      }
    ]
  },
  "description": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/description#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Linksys E8450 v1.2.00.360516 was discovered to contain a buffer overflow vulnerability. The parsed field (lan_ipaddr) is copied to the stack without length verification. Linksys of e8450 Firmware has a classic buffer overflow vulnerability.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state. Linksys E8450 is an E-series wireless router from Linksys, an American company. Remote attackers can exploit this vulnerability to execute arbitrary code on the system or cause a denial of service attack",
    "sources": [
      {
        "db": "NVD",
        "id": "CVE-2024-57544"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2025-003862"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2025-02952"
      }
    ],
    "trust": 2.16
  },
  "external_ids": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "db": "NVD",
        "id": "CVE-2024-57544",
        "trust": 3.2
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2025-003862",
        "trust": 0.8
      },
      {
        "db": "CNVD",
        "id": "CNVD-2025-02952",
        "trust": 0.6
      }
    ],
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2025-02952"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2025-003862"
      },
      {
        "db": "NVD",
        "id": "CVE-2024-57544"
      }
    ]
  },
  "id": "VAR-202501-1788",
  "iot": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/iot#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": true,
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2025-02952"
      }
    ],
    "trust": 0.06
  },
  "iot_taxonomy": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "category": [
          "Network device"
        ],
        "sub_category": null,
        "trust": 0.6
      }
    ],
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2025-02952"
      }
    ]
  },
  "last_update_date": "2025-04-25T01:54:18.688000Z",
  "patch": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/patch#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "title": "Patch for Linksys E8450 lan_ipaddr parameter buffer overflow vulnerability",
        "trust": 0.6,
        "url": "https://www.cnvd.org.cn/patchInfo/show/655961"
      }
    ],
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2025-02952"
      }
    ]
  },
  "problemtype_data": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "problemtype": "CWE-120",
        "trust": 1.0
      },
      {
        "problemtype": "Classic buffer overflow (CWE-120) [ others ]",
        "trust": 0.8
      }
    ],
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2025-003862"
      },
      {
        "db": "NVD",
        "id": "CVE-2024-57544"
      }
    ]
  },
  "references": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/references#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "trust": 2.4,
        "url": "https://github.com/wood1314/linksys_e8450_vul/blob/main/6/6.md"
      },
      {
        "trust": 0.8,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2024-57544"
      }
    ],
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2025-02952"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2025-003862"
      },
      {
        "db": "NVD",
        "id": "CVE-2024-57544"
      }
    ]
  },
  "sources": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "db": "CNVD",
        "id": "CNVD-2025-02952"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2025-003862"
      },
      {
        "db": "NVD",
        "id": "CVE-2024-57544"
      }
    ]
  },
  "sources_release_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2025-02-13T00:00:00",
        "db": "CNVD",
        "id": "CNVD-2025-02952"
      },
      {
        "date": "2025-04-23T00:00:00",
        "db": "JVNDB",
        "id": "JVNDB-2025-003862"
      },
      {
        "date": "2025-01-21T21:15:12.510000",
        "db": "NVD",
        "id": "CVE-2024-57544"
      }
    ]
  },
  "sources_update_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2025-02-17T00:00:00",
        "db": "CNVD",
        "id": "CNVD-2025-02952"
      },
      {
        "date": "2025-04-23T02:37:00",
        "db": "JVNDB",
        "id": "JVNDB-2025-003862"
      },
      {
        "date": "2025-04-22T14:11:20.973000",
        "db": "NVD",
        "id": "CVE-2024-57544"
      }
    ]
  },
  "title": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/title#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Linksys\u00a0 of \u00a0e8450\u00a0 Classic buffer overflow vulnerability in firmware",
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2025-003862"
      }
    ],
    "trust": 0.8
  }
}

BDU:2025-00655

Vulnerability from fstec - Published: 26.12.2024

Title

Уязвимость функции sub_422eb8 микропрограммного обеспечения Wi-Fi роутеров Linksys E8450, позволяющая нарушителю вызвать отказ в обслуживании

Description

Уязвимость функции sub_422eb8 микропрограммного обеспечения Wi-Fi роутеров Linksys E8450 связана с копированием буфера без проверки размера входных данных при обработке параметра strcpy. Эксплуатация уязвимости может позволить нарушителю, действующему удаленно, вызвать отказ в обслуживании

Severity ?


                    
                      AV:A/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L

Vendor

Linksys Holdings, Inc.

Software Name

E8450

Software Version

1.2.00.360516 (E8450)

Possible Mitigations

Компенсирующие меры: - использование средств межсетевого экранирования для ограничения возможности удалённого доступа к устройствам; - ограничение доступа из внешних сетей (Интернет); - отключение/ограничение функции удаленного управления для предотвращения попыток эксплуатации уязвимости (например, запрет использования незащищенных протоколов, таких как HTTP или Telnet); - соблюдение парольной политики принятой для организации доступа к устройству; - сегментирование сети для ограничения доступа к уязвимому устройству; - использование средств обнаружения и предотвращения вторжений (IDS/IPS) для выявления и реагирования на попытки эксплуатации уязвимости; - использование виртуальных частных сетей для организации удаленного доступа (VPN).

Reference

https://vuldb.com/?id.292862 https://github.com/Wood1314/Linksys_E8450_vul/blob/main/6/6.md

CWE

CWE-120

JSON

To clipboard

{
  "CVSS 2.0": "AV:A/AC:L/Au:S/C:P/I:P/A:P",
  "CVSS 3.0": "AV:A/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L",
  "CVSS 4.0": null,
  "remediation_\u0418\u0434\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0442\u043e\u0440": null,
  "remediation_\u041d\u0430\u0438\u043c\u0435\u043d\u043e\u0432\u0430\u043d\u0438\u0435": null,
  "\u0412\u0435\u043d\u0434\u043e\u0440 \u041f\u041e": "Linksys Holdings, Inc.",
  "\u0412\u0435\u0440\u0441\u0438\u044f \u041f\u041e": "1.2.00.360516 (E8450)",
  "\u0412\u043e\u0437\u043c\u043e\u0436\u043d\u044b\u0435 \u043c\u0435\u0440\u044b \u043f\u043e \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0438\u044e": "\u041a\u043e\u043c\u043f\u0435\u043d\u0441\u0438\u0440\u0443\u044e\u0449\u0438\u0435 \u043c\u0435\u0440\u044b:\n- \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u0435 \u0441\u0440\u0435\u0434\u0441\u0442\u0432 \u043c\u0435\u0436\u0441\u0435\u0442\u0435\u0432\u043e\u0433\u043e \u044d\u043a\u0440\u0430\u043d\u0438\u0440\u043e\u0432\u0430\u043d\u0438\u044f \u0434\u043b\u044f \u043e\u0433\u0440\u0430\u043d\u0438\u0447\u0435\u043d\u0438\u044f \u0432\u043e\u0437\u043c\u043e\u0436\u043d\u043e\u0441\u0442\u0438 \u0443\u0434\u0430\u043b\u0451\u043d\u043d\u043e\u0433\u043e \u0434\u043e\u0441\u0442\u0443\u043f\u0430 \u043a \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432\u0430\u043c; \n- \u043e\u0433\u0440\u0430\u043d\u0438\u0447\u0435\u043d\u0438\u0435 \u0434\u043e\u0441\u0442\u0443\u043f\u0430 \u0438\u0437 \u0432\u043d\u0435\u0448\u043d\u0438\u0445 \u0441\u0435\u0442\u0435\u0439 (\u0418\u043d\u0442\u0435\u0440\u043d\u0435\u0442); \n- \u043e\u0442\u043a\u043b\u044e\u0447\u0435\u043d\u0438\u0435/\u043e\u0433\u0440\u0430\u043d\u0438\u0447\u0435\u043d\u0438\u0435 \u0444\u0443\u043d\u043a\u0446\u0438\u0438 \u0443\u0434\u0430\u043b\u0435\u043d\u043d\u043e\u0433\u043e \u0443\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u044f \u0434\u043b\u044f \u043f\u0440\u0435\u0434\u043e\u0442\u0432\u0440\u0430\u0449\u0435\u043d\u0438\u044f \u043f\u043e\u043f\u044b\u0442\u043e\u043a \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 (\u043d\u0430\u043f\u0440\u0438\u043c\u0435\u0440, \u0437\u0430\u043f\u0440\u0435\u0442 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u044f \u043d\u0435\u0437\u0430\u0449\u0438\u0449\u0435\u043d\u043d\u044b\u0445 \u043f\u0440\u043e\u0442\u043e\u043a\u043e\u043b\u043e\u0432, \u0442\u0430\u043a\u0438\u0445 \u043a\u0430\u043a HTTP \u0438\u043b\u0438 Telnet); \n- \u0441\u043e\u0431\u043b\u044e\u0434\u0435\u043d\u0438\u0435 \u043f\u0430\u0440\u043e\u043b\u044c\u043d\u043e\u0439 \u043f\u043e\u043b\u0438\u0442\u0438\u043a\u0438 \u043f\u0440\u0438\u043d\u044f\u0442\u043e\u0439 \u0434\u043b\u044f \u043e\u0440\u0433\u0430\u043d\u0438\u0437\u0430\u0446\u0438\u0438 \u0434\u043e\u0441\u0442\u0443\u043f\u0430 \u043a \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432\u0443; \n- \u0441\u0435\u0433\u043c\u0435\u043d\u0442\u0438\u0440\u043e\u0432\u0430\u043d\u0438\u0435 \u0441\u0435\u0442\u0438 \u0434\u043b\u044f \u043e\u0433\u0440\u0430\u043d\u0438\u0447\u0435\u043d\u0438\u044f \u0434\u043e\u0441\u0442\u0443\u043f\u0430 \u043a \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u043c\u0443 \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432\u0443; \n- \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u0435 \u0441\u0440\u0435\u0434\u0441\u0442\u0432 \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0435\u043d\u0438\u044f \u0438 \u043f\u0440\u0435\u0434\u043e\u0442\u0432\u0440\u0430\u0449\u0435\u043d\u0438\u044f \u0432\u0442\u043e\u0440\u0436\u0435\u043d\u0438\u0439 (IDS/IPS) \u0434\u043b\u044f \u0432\u044b\u044f\u0432\u043b\u0435\u043d\u0438\u044f \u0438 \u0440\u0435\u0430\u0433\u0438\u0440\u043e\u0432\u0430\u043d\u0438\u044f \u043d\u0430 \u043f\u043e\u043f\u044b\u0442\u043a\u0438 \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438; \n- \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u0435 \u0432\u0438\u0440\u0442\u0443\u0430\u043b\u044c\u043d\u044b\u0445 \u0447\u0430\u0441\u0442\u043d\u044b\u0445 \u0441\u0435\u0442\u0435\u0439 \u0434\u043b\u044f \u043e\u0440\u0433\u0430\u043d\u0438\u0437\u0430\u0446\u0438\u0438 \u0443\u0434\u0430\u043b\u0435\u043d\u043d\u043e\u0433\u043e \u0434\u043e\u0441\u0442\u0443\u043f\u0430 (VPN).",
  "\u0414\u0430\u0442\u0430 \u0432\u044b\u044f\u0432\u043b\u0435\u043d\u0438\u044f": "26.12.2024",
  "\u0414\u0430\u0442\u0430 \u043f\u043e\u0441\u043b\u0435\u0434\u043d\u0435\u0433\u043e \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u044f": "24.01.2025",
  "\u0414\u0430\u0442\u0430 \u043f\u0443\u0431\u043b\u0438\u043a\u0430\u0446\u0438\u0438": "24.01.2025",
  "\u0418\u0434\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0442\u043e\u0440": "BDU:2025-00655",
  "\u0418\u0434\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0442\u043e\u0440\u044b \u0434\u0440\u0443\u0433\u0438\u0445 \u0441\u0438\u0441\u0442\u0435\u043c \u043e\u043f\u0438\u0441\u0430\u043d\u0438\u0439 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "CVE-2024-57544",
  "\u0418\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u044f \u043e\u0431 \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0438\u0438": "\u0418\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u044f \u043e\u0431 \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0438\u0438 \u043e\u0442\u0441\u0443\u0442\u0441\u0442\u0432\u0443\u0435\u0442",
  "\u041a\u043b\u0430\u0441\u0441 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u043a\u043e\u0434\u0430",
  "\u041d\u0430\u0437\u0432\u0430\u043d\u0438\u0435 \u041f\u041e": "E8450",
  "\u041d\u0430\u0438\u043c\u0435\u043d\u043e\u0432\u0430\u043d\u0438\u0435 \u041e\u0421 \u0438 \u0442\u0438\u043f \u0430\u043f\u043f\u0430\u0440\u0430\u0442\u043d\u043e\u0439 \u043f\u043b\u0430\u0442\u0444\u043e\u0440\u043c\u044b": null,
  "\u041d\u0430\u0438\u043c\u0435\u043d\u043e\u0432\u0430\u043d\u0438\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0444\u0443\u043d\u043a\u0446\u0438\u0438 sub_422eb8 \u043c\u0438\u043a\u0440\u043e\u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u0433\u043e \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0435\u043d\u0438\u044f Wi-Fi \u0440\u043e\u0443\u0442\u0435\u0440\u043e\u0432 Linksys E8450, \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u044e\u0449\u0430\u044f \u043d\u0430\u0440\u0443\u0448\u0438\u0442\u0435\u043b\u044e \u0432\u044b\u0437\u0432\u0430\u0442\u044c \u043e\u0442\u043a\u0430\u0437 \u0432 \u043e\u0431\u0441\u043b\u0443\u0436\u0438\u0432\u0430\u043d\u0438\u0438",
  "\u041d\u0430\u043b\u0438\u0447\u0438\u0435 \u044d\u043a\u0441\u043f\u043b\u043e\u0439\u0442\u0430": "\u0421\u0443\u0449\u0435\u0441\u0442\u0432\u0443\u0435\u0442 \u0432 \u043e\u0442\u043a\u0440\u044b\u0442\u043e\u043c \u0434\u043e\u0441\u0442\u0443\u043f\u0435",
  "\u041e\u043f\u0438\u0441\u0430\u043d\u0438\u0435 \u043e\u0448\u0438\u0431\u043a\u0438 CWE": "\u041a\u043e\u043f\u0438\u0440\u043e\u0432\u0430\u043d\u0438\u0435 \u0431\u0443\u0444\u0435\u0440\u0430 \u0431\u0435\u0437 \u043f\u0440\u043e\u0432\u0435\u0440\u043a\u0438 \u0440\u0430\u0437\u043c\u0435\u0440\u0430 \u0432\u0445\u043e\u0434\u043d\u044b\u0445 \u0434\u0430\u043d\u043d\u044b\u0445 (\u043a\u043b\u0430\u0441\u0441\u0438\u0447\u0435\u0441\u043a\u043e\u0435 \u043f\u0435\u0440\u0435\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u0435 \u0431\u0443\u0444\u0435\u0440\u0430) (CWE-120)",
  "\u041e\u043f\u0438\u0441\u0430\u043d\u0438\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0444\u0443\u043d\u043a\u0446\u0438\u0438 sub_422eb8 \u043c\u0438\u043a\u0440\u043e\u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u0433\u043e \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0435\u043d\u0438\u044f Wi-Fi \u0440\u043e\u0443\u0442\u0435\u0440\u043e\u0432 Linksys E8450 \u0441\u0432\u044f\u0437\u0430\u043d\u0430 \u0441 \u043a\u043e\u043f\u0438\u0440\u043e\u0432\u0430\u043d\u0438\u0435\u043c \u0431\u0443\u0444\u0435\u0440\u0430 \u0431\u0435\u0437 \u043f\u0440\u043e\u0432\u0435\u0440\u043a\u0438 \u0440\u0430\u0437\u043c\u0435\u0440\u0430 \u0432\u0445\u043e\u0434\u043d\u044b\u0445 \u0434\u0430\u043d\u043d\u044b\u0445 \u043f\u0440\u0438 \u043e\u0431\u0440\u0430\u0431\u043e\u0442\u043a\u0435 \u043f\u0430\u0440\u0430\u043c\u0435\u0442\u0440\u0430 strcpy. \u042d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u044f \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u043c\u043e\u0436\u0435\u0442 \u043f\u043e\u0437\u0432\u043e\u043b\u0438\u0442\u044c \u043d\u0430\u0440\u0443\u0448\u0438\u0442\u0435\u043b\u044e, \u0434\u0435\u0439\u0441\u0442\u0432\u0443\u044e\u0449\u0435\u043c\u0443 \u0443\u0434\u0430\u043b\u0435\u043d\u043d\u043e, \u0432\u044b\u0437\u0432\u0430\u0442\u044c \u043e\u0442\u043a\u0430\u0437 \u0432 \u043e\u0431\u0441\u043b\u0443\u0436\u0438\u0432\u0430\u043d\u0438\u0438",
  "\u041f\u043e\u0441\u043b\u0435\u0434\u0441\u0442\u0432\u0438\u044f \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": null,
  "\u041f\u0440\u043e\u0447\u0430\u044f \u0438\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u044f": null,
  "\u0421\u0432\u044f\u0437\u044c \u0441 \u0438\u043d\u0446\u0438\u0434\u0435\u043d\u0442\u0430\u043c\u0438 \u0418\u0411": "\u0414\u0430\u043d\u043d\u044b\u0435 \u0443\u0442\u043e\u0447\u043d\u044f\u044e\u0442\u0441\u044f",
  "\u0421\u043e\u0441\u0442\u043e\u044f\u043d\u0438\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u041e\u043f\u0443\u0431\u043b\u0438\u043a\u043e\u0432\u0430\u043d\u0430",
  "\u0421\u043f\u043e\u0441\u043e\u0431 \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0438\u044f": "\u0414\u0430\u043d\u043d\u044b\u0435 \u0443\u0442\u043e\u0447\u043d\u044f\u044e\u0442\u0441\u044f",
  "\u0421\u043f\u043e\u0441\u043e\u0431 \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438": "\u041c\u0430\u043d\u0438\u043f\u0443\u043b\u0438\u0440\u043e\u0432\u0430\u043d\u0438\u0435 \u0441\u0442\u0440\u0443\u043a\u0442\u0443\u0440\u0430\u043c\u0438 \u0434\u0430\u043d\u043d\u044b\u0445",
  "\u0421\u0441\u044b\u043b\u043a\u0438 \u043d\u0430 \u0438\u0441\u0442\u043e\u0447\u043d\u0438\u043a\u0438": "https://vuldb.com/?id.292862\nhttps://github.com/Wood1314/Linksys_E8450_vul/blob/main/6/6.md",
  "\u0421\u0442\u0430\u0442\u0443\u0441 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u041f\u043e\u0442\u0435\u043d\u0446\u0438\u0430\u043b\u044c\u043d\u0430\u044f \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c",
  "\u0422\u0438\u043f \u041f\u041e": "\u041c\u0438\u043a\u0440\u043e\u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u044b\u0439 \u043a\u043e\u0434",
  "\u0422\u0438\u043f \u043e\u0448\u0438\u0431\u043a\u0438 CWE": "CWE-120",
  "\u0423\u0440\u043e\u0432\u0435\u043d\u044c \u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u0421\u0440\u0435\u0434\u043d\u0438\u0439 \u0443\u0440\u043e\u0432\u0435\u043d\u044c \u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 (\u0431\u0430\u0437\u043e\u0432\u0430\u044f \u043e\u0446\u0435\u043d\u043a\u0430 CVSS 2.0 \u0441\u043e\u0441\u0442\u0430\u0432\u043b\u044f\u0435\u0442 5,2)\n\u0421\u0440\u0435\u0434\u043d\u0438\u0439 \u0443\u0440\u043e\u0432\u0435\u043d\u044c \u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 (\u0431\u0430\u0437\u043e\u0432\u0430\u044f \u043e\u0446\u0435\u043d\u043a\u0430 CVSS 3.0 \u0441\u043e\u0441\u0442\u0430\u0432\u043b\u044f\u0435\u0442 5,5)"
}

CNVD-2025-02952

Vulnerability from cnvd - Published: 2025-02-13

Title

Linksys E8450 lan_ipaddr参数缓冲区溢出漏洞

Description

Linksys E8450是美国Linksys公司的一款E系列的无线路由器。 Linksys E8450 v1.2.00.360516版本存在缓冲区溢出漏洞，该漏洞源于lan_ipaddr参数没有经过长度验证就复制到堆栈中，远程攻击者可利用该漏洞在系统上执行任意代码或者导致拒绝服务攻击。

Severity

中

Patch Name

Linksys E8450 lan_ipaddr参数缓冲区溢出漏洞的补丁

Patch Description

Linksys E8450是美国Linksys公司的一款E系列的无线路由器。 Linksys E8450 v1.2.00.360516版本存在缓冲区溢出漏洞，该漏洞源于lan_ipaddr参数没有经过长度验证就复制到堆栈中，远程攻击者可利用该漏洞在系统上执行任意代码或者导致拒绝服务攻击。目前，供应商发布了安全公告及相关补丁信息，修复了此漏洞。

Formal description

厂商已发布了漏洞修复程序，请及时关注更新： https://support.linksys.com/kb/article/504-en/

Reference

https://github.com/Wood1314/Linksys_E8450_vul/blob/main/6/6.md

Impacted products

Name
Linksys E8450 v1.2.00.360516

Show details on source website

JSON

To clipboard

{
  "cves": {
    "cve": {
      "cveNumber": "CVE-2024-57544",
      "cveUrl": "https://nvd.nist.gov/vuln/detail/CVE-2024-57544"
    }
  },
  "description": "Linksys E8450\u662f\u7f8e\u56fdLinksys\u516c\u53f8\u7684\u4e00\u6b3eE\u7cfb\u5217\u7684\u65e0\u7ebf\u8def\u7531\u5668\u3002\n\nLinksys E8450 v1.2.00.360516\u7248\u672c\u5b58\u5728\u7f13\u51b2\u533a\u6ea2\u51fa\u6f0f\u6d1e\uff0c\u8be5\u6f0f\u6d1e\u6e90\u4e8elan_ipaddr\u53c2\u6570\u6ca1\u6709\u7ecf\u8fc7\u957f\u5ea6\u9a8c\u8bc1\u5c31\u590d\u5236\u5230\u5806\u6808\u4e2d\uff0c\u8fdc\u7a0b\u653b\u51fb\u8005\u53ef\u5229\u7528\u8be5\u6f0f\u6d1e\u5728\u7cfb\u7edf\u4e0a\u6267\u884c\u4efb\u610f\u4ee3\u7801\u6216\u8005\u5bfc\u81f4\u62d2\u7edd\u670d\u52a1\u653b\u51fb\u3002",
  "formalWay": "\u5382\u5546\u5df2\u53d1\u5e03\u4e86\u6f0f\u6d1e\u4fee\u590d\u7a0b\u5e8f\uff0c\u8bf7\u53ca\u65f6\u5173\u6ce8\u66f4\u65b0\uff1a\r\nhttps://support.linksys.com/kb/article/504-en/",
  "isEvent": "\u901a\u7528\u8f6f\u786c\u4ef6\u6f0f\u6d1e",
  "number": "CNVD-2025-02952",
  "openTime": "2025-02-13",
  "patchDescription": "Linksys E8450\u662f\u7f8e\u56fdLinksys\u516c\u53f8\u7684\u4e00\u6b3eE\u7cfb\u5217\u7684\u65e0\u7ebf\u8def\u7531\u5668\u3002\r\n\r\nLinksys E8450 v1.2.00.360516\u7248\u672c\u5b58\u5728\u7f13\u51b2\u533a\u6ea2\u51fa\u6f0f\u6d1e\uff0c\u8be5\u6f0f\u6d1e\u6e90\u4e8elan_ipaddr\u53c2\u6570\u6ca1\u6709\u7ecf\u8fc7\u957f\u5ea6\u9a8c\u8bc1\u5c31\u590d\u5236\u5230\u5806\u6808\u4e2d\uff0c\u8fdc\u7a0b\u653b\u51fb\u8005\u53ef\u5229\u7528\u8be5\u6f0f\u6d1e\u5728\u7cfb\u7edf\u4e0a\u6267\u884c\u4efb\u610f\u4ee3\u7801\u6216\u8005\u5bfc\u81f4\u62d2\u7edd\u670d\u52a1\u653b\u51fb\u3002\u76ee\u524d\uff0c\u4f9b\u5e94\u5546\u53d1\u5e03\u4e86\u5b89\u5168\u516c\u544a\u53ca\u76f8\u5173\u8865\u4e01\u4fe1\u606f\uff0c\u4fee\u590d\u4e86\u6b64\u6f0f\u6d1e\u3002",
  "patchName": "Linksys E8450 lan_ipaddr\u53c2\u6570\u7f13\u51b2\u533a\u6ea2\u51fa\u6f0f\u6d1e\u7684\u8865\u4e01",
  "products": {
    "product": "Linksys E8450 v1.2.00.360516"
  },
  "referenceLink": "https://github.com/Wood1314/Linksys_E8450_vul/blob/main/6/6.md",
  "serverity": "\u4e2d",
  "submitTime": "2025-01-24",
  "title": "Linksys E8450 lan_ipaddr\u53c2\u6570\u7f13\u51b2\u533a\u6ea2\u51fa\u6f0f\u6d1e"
}

WID-SEC-W-2025-0158

Vulnerability from csaf_certbund - Published: 2025-01-21 23:00 - Updated: 2025-01-21 23:00

Summary

Linksys Router: Mehrere Schwachstellen

Severity

Mittel

Notes

Das BSI ist als Anbieter für die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch dafür verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgfältig im Einzelfall zu prüfen.

Produktbeschreibung: Router der Firma Linksys enthalten eine Firewall und in der Regel eine WLAN-Schnittstelle. Die Geräte sind hauptsächlich für private Anwender und Kleinunternehmen konzipiert.

Angriff: Ein Angreifer kann mehrere Schwachstellen in Linksys Router ausnutzen, um beliebigen Programmcode auszuführen oder einen Denial-of-Service-Zustand zu erzeugen.

Betroffene Betriebssysteme: - Sonstiges

CVE-2024-57536

Es bestehen mehrere Schwachstellen in Linksys Router. Diese Schwachstellen betreffen mehrere geparste Felder, da sie ohne ordnungsgemäße Längenüberprüfung in den Stack kopiert werden, was zu einem Buffer Overflow oder einem Command Injection Problem führt. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen oder einen Denial-of-Service-Zustand zu erzeugen.

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Linksys Router E8450 v1.2.00.360516 Linksys / Router	`cpe:/h:linksys:router:e8450_v1.2.00.360516`	E8450 v1.2.00.360516

CVE-2024-57537

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Linksys Router E8450 v1.2.00.360516 Linksys / Router	`cpe:/h:linksys:router:e8450_v1.2.00.360516`	E8450 v1.2.00.360516

CVE-2024-57538

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Linksys Router E8450 v1.2.00.360516 Linksys / Router	`cpe:/h:linksys:router:e8450_v1.2.00.360516`	E8450 v1.2.00.360516

CVE-2024-57539

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Linksys Router E8450 v1.2.00.360516 Linksys / Router	`cpe:/h:linksys:router:e8450_v1.2.00.360516`	E8450 v1.2.00.360516

CVE-2024-57540

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Linksys Router E8450 v1.2.00.360516 Linksys / Router	`cpe:/h:linksys:router:e8450_v1.2.00.360516`	E8450 v1.2.00.360516

CVE-2024-57541

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Linksys Router E8450 v1.2.00.360516 Linksys / Router	`cpe:/h:linksys:router:e8450_v1.2.00.360516`	E8450 v1.2.00.360516

CVE-2024-57542

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Linksys Router E8450 v1.2.00.360516 Linksys / Router	`cpe:/h:linksys:router:e8450_v1.2.00.360516`	E8450 v1.2.00.360516

CVE-2024-57543

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Linksys Router E8450 v1.2.00.360516 Linksys / Router	`cpe:/h:linksys:router:e8450_v1.2.00.360516`	E8450 v1.2.00.360516

CVE-2024-57544

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Linksys Router E8450 v1.2.00.360516 Linksys / Router	`cpe:/h:linksys:router:e8450_v1.2.00.360516`	E8450 v1.2.00.360516

CVE-2024-57545

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Linksys Router E8450 v1.2.00.360516 Linksys / Router	`cpe:/h:linksys:router:e8450_v1.2.00.360516`	E8450 v1.2.00.360516

References

12 references

URL	Category
https://wid.cert-bund.de/.well-known/csaf/white/2…	self
https://wid.cert-bund.de/portal/wid/securityadvis…	self
https://nvd.nist.gov/vuln/detail/CVE-2024-57545	external
https://nvd.nist.gov/vuln/detail/CVE-2024-57544	external
https://nvd.nist.gov/vuln/detail/CVE-2024-57543	external
https://nvd.nist.gov/vuln/detail/CVE-2024-57542	external
https://nvd.nist.gov/vuln/detail/CVE-2024-57541	external
https://nvd.nist.gov/vuln/detail/CVE-2024-57540	external
https://nvd.nist.gov/vuln/detail/CVE-2024-57539	external
https://nvd.nist.gov/vuln/detail/CVE-2024-57538	external
https://nvd.nist.gov/vuln/detail/CVE-2024-57537	external
https://nvd.nist.gov/vuln/detail/CVE-2024-57536	external

JSON

To clipboard

{
  "document": {
    "aggregate_severity": {
      "text": "mittel"
    },
    "category": "csaf_base",
    "csaf_version": "2.0",
    "distribution": {
      "tlp": {
        "label": "WHITE",
        "url": "https://www.first.org/tlp/"
      }
    },
    "lang": "de-DE",
    "notes": [
      {
        "category": "legal_disclaimer",
        "text": "Das BSI ist als Anbieter f\u00fcr die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch daf\u00fcr verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgf\u00e4ltig im Einzelfall zu pr\u00fcfen."
      },
      {
        "category": "description",
        "text": "Router der Firma Linksys enthalten eine Firewall und in der Regel eine WLAN-Schnittstelle. Die Ger\u00e4te sind haupts\u00e4chlich f\u00fcr private Anwender und Kleinunternehmen konzipiert.",
        "title": "Produktbeschreibung"
      },
      {
        "category": "summary",
        "text": "Ein Angreifer kann mehrere Schwachstellen in Linksys Router ausnutzen, um beliebigen Programmcode auszuf\u00fchren  oder einen Denial-of-Service-Zustand zu erzeugen.",
        "title": "Angriff"
      },
      {
        "category": "general",
        "text": "- Sonstiges",
        "title": "Betroffene Betriebssysteme"
      }
    ],
    "publisher": {
      "category": "other",
      "contact_details": "csaf-provider@cert-bund.de",
      "name": "Bundesamt f\u00fcr Sicherheit in der Informationstechnik",
      "namespace": "https://www.bsi.bund.de"
    },
    "references": [
      {
        "category": "self",
        "summary": "WID-SEC-W-2025-0158 - CSAF Version",
        "url": "https://wid.cert-bund.de/.well-known/csaf/white/2025/wid-sec-w-2025-0158.json"
      },
      {
        "category": "self",
        "summary": "WID-SEC-2025-0158 - Portal Version",
        "url": "https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2025-0158"
      },
      {
        "category": "external",
        "summary": "NIST Vulnerability Database vom 2025-01-21",
        "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-57545"
      },
      {
        "category": "external",
        "summary": "NIST Vulnerability Database vom 2025-01-21",
        "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-57544"
      },
      {
        "category": "external",
        "summary": "NIST Vulnerability Database vom 2025-01-21",
        "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-57543"
      },
      {
        "category": "external",
        "summary": "NIST Vulnerability Database vom 2025-01-21",
        "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-57542"
      },
      {
        "category": "external",
        "summary": "NIST Vulnerability Database vom 2025-01-21",
        "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-57541"
      },
      {
        "category": "external",
        "summary": "NIST Vulnerability Database vom 2025-01-21",
        "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-57540"
      },
      {
        "category": "external",
        "summary": "NIST Vulnerability Database vom 2025-01-21",
        "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-57539"
      },
      {
        "category": "external",
        "summary": "NIST Vulnerability Database vom 2025-01-21",
        "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-57538"
      },
      {
        "category": "external",
        "summary": "NIST Vulnerability Database vom 2025-01-21",
        "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-57537"
      },
      {
        "category": "external",
        "summary": "NIST Vulnerability Database vom 2025-01-21",
        "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-57536"
      }
    ],
    "source_lang": "en-US",
    "title": "Linksys Router: Mehrere Schwachstellen",
    "tracking": {
      "current_release_date": "2025-01-21T23:00:00.000+00:00",
      "generator": {
        "date": "2025-01-22T12:43:49.608+00:00",
        "engine": {
          "name": "BSI-WID",
          "version": "1.3.10"
        }
      },
      "id": "WID-SEC-W-2025-0158",
      "initial_release_date": "2025-01-21T23:00:00.000+00:00",
      "revision_history": [
        {
          "date": "2025-01-21T23:00:00.000+00:00",
          "number": "1",
          "summary": "Initiale Fassung"
        }
      ],
      "status": "final",
      "version": "1"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_version",
                "name": "E8450 v1.2.00.360516",
                "product": {
                  "name": "Linksys Router E8450 v1.2.00.360516",
                  "product_id": "T040546",
                  "product_identification_helper": {
                    "cpe": "cpe:/h:linksys:router:e8450_v1.2.00.360516"
                  }
                }
              }
            ],
            "category": "product_name",
            "name": "Router"
          }
        ],
        "category": "vendor",
        "name": "Linksys"
      }
    ]
  },
  "vulnerabilities": [
    {
      "cve": "CVE-2024-57536",
      "notes": [
        {
          "category": "description",
          "text": "Es bestehen mehrere Schwachstellen in Linksys Router. Diese Schwachstellen betreffen mehrere geparste Felder, da sie ohne ordnungsgem\u00e4\u00dfe L\u00e4ngen\u00fcberpr\u00fcfung in den Stack kopiert werden, was zu einem Buffer Overflow oder einem Command Injection Problem f\u00fchrt. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren oder einen Denial-of-Service-Zustand zu erzeugen."
        }
      ],
      "product_status": {
        "known_affected": [
          "T040546"
        ]
      },
      "release_date": "2025-01-21T23:00:00.000+00:00",
      "title": "CVE-2024-57536"
    },
    {
      "cve": "CVE-2024-57537",
      "notes": [
        {
          "category": "description",
          "text": "Es bestehen mehrere Schwachstellen in Linksys Router. Diese Schwachstellen betreffen mehrere geparste Felder, da sie ohne ordnungsgem\u00e4\u00dfe L\u00e4ngen\u00fcberpr\u00fcfung in den Stack kopiert werden, was zu einem Buffer Overflow oder einem Command Injection Problem f\u00fchrt. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren oder einen Denial-of-Service-Zustand zu erzeugen."
        }
      ],
      "product_status": {
        "known_affected": [
          "T040546"
        ]
      },
      "release_date": "2025-01-21T23:00:00.000+00:00",
      "title": "CVE-2024-57537"
    },
    {
      "cve": "CVE-2024-57538",
      "notes": [
        {
          "category": "description",
          "text": "Es bestehen mehrere Schwachstellen in Linksys Router. Diese Schwachstellen betreffen mehrere geparste Felder, da sie ohne ordnungsgem\u00e4\u00dfe L\u00e4ngen\u00fcberpr\u00fcfung in den Stack kopiert werden, was zu einem Buffer Overflow oder einem Command Injection Problem f\u00fchrt. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren oder einen Denial-of-Service-Zustand zu erzeugen."
        }
      ],
      "product_status": {
        "known_affected": [
          "T040546"
        ]
      },
      "release_date": "2025-01-21T23:00:00.000+00:00",
      "title": "CVE-2024-57538"
    },
    {
      "cve": "CVE-2024-57539",
      "notes": [
        {
          "category": "description",
          "text": "Es bestehen mehrere Schwachstellen in Linksys Router. Diese Schwachstellen betreffen mehrere geparste Felder, da sie ohne ordnungsgem\u00e4\u00dfe L\u00e4ngen\u00fcberpr\u00fcfung in den Stack kopiert werden, was zu einem Buffer Overflow oder einem Command Injection Problem f\u00fchrt. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren oder einen Denial-of-Service-Zustand zu erzeugen."
        }
      ],
      "product_status": {
        "known_affected": [
          "T040546"
        ]
      },
      "release_date": "2025-01-21T23:00:00.000+00:00",
      "title": "CVE-2024-57539"
    },
    {
      "cve": "CVE-2024-57540",
      "notes": [
        {
          "category": "description",
          "text": "Es bestehen mehrere Schwachstellen in Linksys Router. Diese Schwachstellen betreffen mehrere geparste Felder, da sie ohne ordnungsgem\u00e4\u00dfe L\u00e4ngen\u00fcberpr\u00fcfung in den Stack kopiert werden, was zu einem Buffer Overflow oder einem Command Injection Problem f\u00fchrt. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren oder einen Denial-of-Service-Zustand zu erzeugen."
        }
      ],
      "product_status": {
        "known_affected": [
          "T040546"
        ]
      },
      "release_date": "2025-01-21T23:00:00.000+00:00",
      "title": "CVE-2024-57540"
    },
    {
      "cve": "CVE-2024-57541",
      "notes": [
        {
          "category": "description",
          "text": "Es bestehen mehrere Schwachstellen in Linksys Router. Diese Schwachstellen betreffen mehrere geparste Felder, da sie ohne ordnungsgem\u00e4\u00dfe L\u00e4ngen\u00fcberpr\u00fcfung in den Stack kopiert werden, was zu einem Buffer Overflow oder einem Command Injection Problem f\u00fchrt. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren oder einen Denial-of-Service-Zustand zu erzeugen."
        }
      ],
      "product_status": {
        "known_affected": [
          "T040546"
        ]
      },
      "release_date": "2025-01-21T23:00:00.000+00:00",
      "title": "CVE-2024-57541"
    },
    {
      "cve": "CVE-2024-57542",
      "notes": [
        {
          "category": "description",
          "text": "Es bestehen mehrere Schwachstellen in Linksys Router. Diese Schwachstellen betreffen mehrere geparste Felder, da sie ohne ordnungsgem\u00e4\u00dfe L\u00e4ngen\u00fcberpr\u00fcfung in den Stack kopiert werden, was zu einem Buffer Overflow oder einem Command Injection Problem f\u00fchrt. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren oder einen Denial-of-Service-Zustand zu erzeugen."
        }
      ],
      "product_status": {
        "known_affected": [
          "T040546"
        ]
      },
      "release_date": "2025-01-21T23:00:00.000+00:00",
      "title": "CVE-2024-57542"
    },
    {
      "cve": "CVE-2024-57543",
      "notes": [
        {
          "category": "description",
          "text": "Es bestehen mehrere Schwachstellen in Linksys Router. Diese Schwachstellen betreffen mehrere geparste Felder, da sie ohne ordnungsgem\u00e4\u00dfe L\u00e4ngen\u00fcberpr\u00fcfung in den Stack kopiert werden, was zu einem Buffer Overflow oder einem Command Injection Problem f\u00fchrt. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren oder einen Denial-of-Service-Zustand zu erzeugen."
        }
      ],
      "product_status": {
        "known_affected": [
          "T040546"
        ]
      },
      "release_date": "2025-01-21T23:00:00.000+00:00",
      "title": "CVE-2024-57543"
    },
    {
      "cve": "CVE-2024-57544",
      "notes": [
        {
          "category": "description",
          "text": "Es bestehen mehrere Schwachstellen in Linksys Router. Diese Schwachstellen betreffen mehrere geparste Felder, da sie ohne ordnungsgem\u00e4\u00dfe L\u00e4ngen\u00fcberpr\u00fcfung in den Stack kopiert werden, was zu einem Buffer Overflow oder einem Command Injection Problem f\u00fchrt. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren oder einen Denial-of-Service-Zustand zu erzeugen."
        }
      ],
      "product_status": {
        "known_affected": [
          "T040546"
        ]
      },
      "release_date": "2025-01-21T23:00:00.000+00:00",
      "title": "CVE-2024-57544"
    },
    {
      "cve": "CVE-2024-57545",
      "notes": [
        {
          "category": "description",
          "text": "Es bestehen mehrere Schwachstellen in Linksys Router. Diese Schwachstellen betreffen mehrere geparste Felder, da sie ohne ordnungsgem\u00e4\u00dfe L\u00e4ngen\u00fcberpr\u00fcfung in den Stack kopiert werden, was zu einem Buffer Overflow oder einem Command Injection Problem f\u00fchrt. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren oder einen Denial-of-Service-Zustand zu erzeugen."
        }
      ],
      "product_status": {
        "known_affected": [
          "T040546"
        ]
      },
      "release_date": "2025-01-21T23:00:00.000+00:00",
      "title": "CVE-2024-57545"
    }
  ]
}

GHSA-3475-M476-QQGH

Vulnerability from github – Published: 2025-01-21 21:30 – Updated: 2025-01-23 00:33

Details

Linksys E8450 v1.2.00.360516 was discovered to contain a buffer overflow vulnerability. The parsed field (lan_ipaddr) is copied to the stack without length verification.

Severity ?

5.5 (Medium)


                  
                    CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L

Show details on source website

JSON

To clipboard

{
  "affected": [],
  "aliases": [
    "CVE-2024-57544"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-120"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2025-01-21T21:15:12Z",
    "severity": "MODERATE"
  },
  "details": "Linksys E8450 v1.2.00.360516 was discovered to contain a buffer overflow vulnerability. The parsed field (lan_ipaddr) is copied to the stack without length verification.",
  "id": "GHSA-3475-m476-qqgh",
  "modified": "2025-01-23T00:33:59Z",
  "published": "2025-01-21T21:30:54Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-57544"
    },
    {
      "type": "WEB",
      "url": "https://github.com/Wood1314/Linksys_E8450_vul/blob/main/6/6.md"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L",
      "type": "CVSS_V3"
    }
  ]
}

FKIE_CVE-2024-57544

Vulnerability from fkie_nvd - Published: 2025-01-21 21:15 - Updated: 2025-04-22 14:11

Severity ?

5.5 (Medium) - CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L

Summary

Linksys E8450 v1.2.00.360516 was discovered to contain a buffer overflow vulnerability. The parsed field (lan_ipaddr) is copied to the stack without length verification.

References

	URL	Tags
	cve@mitre.org	https://github.com/Wood1314/Linksys_E8450_vul/blob/main/6/6.md	Exploit, Third Party Advisory
	134c704f-9b21-4f2e-91b3-4a467353bcc0	https://github.com/Wood1314/Linksys_E8450_vul/blob/main/6/6.md	Exploit, Third Party Advisory

Impacted products

	Vendor	Product	Version
	linksys	e8450_firmware	1.2.00.360516
	linksys	e8450	-

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:linksys:e8450_firmware:1.2.00.360516:*:*:*:*:*:*:*",
              "matchCriteriaId": "DDF62C66-AF67-4A60-A41E-77C0FB526D53",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:linksys:e8450:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "CFEF3B59-D5D1-4234-9925-FCB53E45AC1A",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Linksys E8450 v1.2.00.360516 was discovered to contain a buffer overflow vulnerability. The parsed field (lan_ipaddr) is copied to the stack without length verification."
    },
    {
      "lang": "es",
      "value": "Se descubri\u00f3 que Linksys E8450 v1.2.00.360516 contiene una vulnerabilidad de desbordamiento de b\u00fafer. El campo analizado (lan_ipaddr) se copia a la pila sin verificaci\u00f3n de longitud."
    }
  ],
  "id": "CVE-2024-57544",
  "lastModified": "2025-04-22T14:11:20.973",
  "metrics": {
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "ADJACENT_NETWORK",
          "availabilityImpact": "LOW",
          "baseScore": 5.5,
          "baseSeverity": "MEDIUM",
          "confidentialityImpact": "LOW",
          "integrityImpact": "LOW",
          "privilegesRequired": "LOW",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L",
          "version": "3.1"
        },
        "exploitabilityScore": 2.1,
        "impactScore": 3.4,
        "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
        "type": "Secondary"
      }
    ]
  },
  "published": "2025-01-21T21:15:12.510",
  "references": [
    {
      "source": "cve@mitre.org",
      "tags": [
        "Exploit",
        "Third Party Advisory"
      ],
      "url": "https://github.com/Wood1314/Linksys_E8450_vul/blob/main/6/6.md"
    },
    {
      "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
      "tags": [
        "Exploit",
        "Third Party Advisory"
      ],
      "url": "https://github.com/Wood1314/Linksys_E8450_vul/blob/main/6/6.md"
    }
  ],
  "sourceIdentifier": "cve@mitre.org",
  "vulnStatus": "Analyzed",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-120"
        }
      ],
      "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
      "type": "Secondary"
    }
  ]
}

Sightings

Author	Source	Type	Date	Other

Nomenclature

Seen: The vulnerability was mentioned, discussed, or observed by the user.
Confirmed: The vulnerability has been validated from an analyst's perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
Not confirmed: The user expressed doubt about the validity of the vulnerability.
Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Detection rules are retrieved from Rulezet.

Action not permitted

CVE-2024-57544 (GCVE-0-2024-57544)

VAR-202501-1788

BDU:2025-00655

CNVD-2025-02952

WID-SEC-W-2025-0158

GHSA-3475-M476-QQGH

FKIE_CVE-2024-57544

Tags

Sightings

Nomenclature