How severe is CVE-2023-50243?

This vulnerability has a severity rating of HIGH with a CVSS score of 7.2 out of 10.

What type of vulnerability is CVE-2023-50243?

This is classified as CWE-121, which is a common weakness in software security.

CVE-2023-50243 - HIGH Severity | CVSS 7.2

Vulnerability Description

Two stack-based buffer overflow vulnerabilities exist in the boa formIpQoS functionality of Realtek rtl819x Jungle SDK v3.4.11. A specially crafted series of HTTP requests can lead to remote code execution. An attacker can send a series of HTTP requests to trigger these vulnerabilities.This stack-based buffer overflow is related to the `comment` request's parameter.

Related Vulnerabilities

CVE-2019-10193

HIGH

CVSS:7.2(High)

A stack-buffer overflow vulnerability was found in the Redis hyperloglog data structure versions 3.x before 3.2.13, 4.x before 4.0.14 and 5.x before 5.0.4. By corrupting a hyperloglog using the SETRAN...

CWE-1212019

CVE-2019-15695

HIGH

CVSS:7.2(High)

TigerVNC version prior to 1.10.1 is vulnerable to stack buffer overflow, which could be triggered from CMsgReader::readSetCursor. This vulnerability occurs due to insufficient sanitization of PixelFor...

CWE-1212019

CVE-2020-1990

HIGH

CVSS:7.2(High)

A stack-based buffer overflow vulnerability in the management server component of PAN-OS allows an authenticated user to upload a corrupted PAN-OS configuration and potentially execute code with root ...

CWE-1212020

CVE-2020-2027

HIGH

CVSS:7.2(High)

A buffer overflow vulnerability in the authd component of the PAN-OS management server allows authenticated administrators to disrupt system processes and potentially execute arbitrary code with root ...

CWE-1212020

CVE-2020-2042

HIGH

CVSS:7.2(High)

A buffer overflow vulnerability in the PAN-OS management web interface allows authenticated administrators to disrupt system processes and potentially execute arbitrary code with root privileges. This...

CWE-1212020

CVE-2021-1159

HIGH

CVSS:7.2(High)

Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV110W, RV130, RV130W, and RV215W Routers could allow an authenticated, remote attacker to execute arbitrary code...

CWE-1212021