ID |
CVE-2024-7439
|
Sažetak |
** UNSUPPORTED WHEN ASSIGNED ** A vulnerability was found in Vivotek CC8160 VVTK-0100d and classified as critical. Affected by this issue is the function read of the component httpd. The manipulation of the argument Content-Length leads to stack-based buffer overflow. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-273524. NOTE: This vulnerability only affects products that are no longer supported by the maintainer. NOTE: Vendor was contacted early and confirmed that the affected release tree is end-of-life. |
Reference |
|
CVSS |
Base: | 9.0 |
Impact: | 10.0 |
Exploitability: | 8.0 |
|
Pristup |
Vektor | Složenost | Autentikacija |
NETWORK |
LOW |
SINGLE |
|
Impact |
Povjerljivost | Cjelovitost | Dostupnost |
COMPLETE |
COMPLETE |
COMPLETE |
|
CVSS vektor |
AV:N/AC:L/Au:S/C:C/I:C/A:C |
Zadnje važnije ažuriranje |
06-08-2024 - 17:46 |
Objavljeno |
03-08-2024 - 16:15 |