How severe is CVE-2024-1004?

This vulnerability has a severity rating of HIGH with a CVSS score of 7.2 out of 10.

What type of vulnerability is CVE-2024-1004?

This is classified as CWE-121, which is a common weakness in software security.

CVE-2024-1004

HIGH Year: 2024

CVSS v3 Score

7.2

High

CVSS v2 Score

8.3

High

Weakness Type

CWE-121

View all →

Vulnerability Description

A vulnerability, which was classified as critical, was found in Totolink N200RE 9.3.5u.6139_B20201216. This affects the function loginAuth of the file /cgi-bin/cstecgi.cgi. The manipulation of the argument http_host leads to stack-based buffer overflow. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-252273 was assigned to this vulnerability. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.

CVE-2019-10193

HIGH

CVSS:7.2(High)

A stack-buffer overflow vulnerability was found in the Redis hyperloglog data structure versions 3.x before 3.2.13, 4.x before 4.0.14 and 5.x before 5.0.4. By corrupting a hyperloglog using the SETRAN...

CWE-1212019

CVE-2019-15695

HIGH

CVSS:7.2(High)

TigerVNC version prior to 1.10.1 is vulnerable to stack buffer overflow, which could be triggered from CMsgReader::readSetCursor. This vulnerability occurs due to insufficient sanitization of PixelFor...

CWE-1212019

CVE-2020-1990

HIGH

CVSS:7.2(High)

A stack-based buffer overflow vulnerability in the management server component of PAN-OS allows an authenticated user to upload a corrupted PAN-OS configuration and potentially execute code with root ...

CWE-1212020

CVE-2020-2027

HIGH

CVSS:7.2(High)

A buffer overflow vulnerability in the authd component of the PAN-OS management server allows authenticated administrators to disrupt system processes and potentially execute arbitrary code with root ...

CWE-1212020

CVE-2020-2042

HIGH

CVSS:7.2(High)

A buffer overflow vulnerability in the PAN-OS management web interface allows authenticated administrators to disrupt system processes and potentially execute arbitrary code with root privileges. This...

CWE-1212020

CVE-2021-1159

HIGH

CVSS:7.2(High)

Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV110W, RV130, RV130W, and RV215W Routers could allow an authenticated, remote attacker to execute arbitrary code...

CWE-1212021

CVE-2024-1004

Vulnerability Description

Related Vulnerabilities

CVE-2019-10193

CVE-2019-15695

CVE-2020-1990

CVE-2020-2027

CVE-2020-2042

CVE-2021-1159