CVE-2024-25331

CRITICAL Year: 2024
CVSS v3 Score
9.3
Critical
Weakness Type
CWE-121
View all →

Vulnerability Description

DIR-822 Rev. B Firmware v2.02KRB09 and DIR-822-CA Rev. B Firmware v2.03WWb01 suffer from a LAN-Side Unauthenticated Remote Code Execution (RCE) vulnerability elevated from HNAP Stack-Based Buffer Overflow.

Related Vulnerabilities

CVE-2021-21887

CRITICAL
CVSS:9.1(Critical)

A stack-based buffer overflow vulnerability exists in the Web Manager SslGenerateCSR functionality of Lantronix PremierWave 2050 8.9.0.0R4 (in QEMU). A specially crafted HTTP request can lead to remot...

CWE-1212021

CVE-2021-21890

CRITICAL
CVSS:9.1(Critical)

A stack-based buffer overflow vulnerability exists in the Web Manager FsBrowseClean functionality of Lantronix PremierWave 2050 8.9.0.0R4 (in QEMU). A specially crafted HTTP request can lead to remote...

CWE-1212021

CVE-2021-21891

CRITICAL
CVSS:9.1(Critical)

A stack-based buffer overflow vulnerability exists in the Web Manager FsBrowseClean functionality of Lantronix PremierWave 2050 8.9.0.0R4 (in QEMU). A specially crafted HTTP request can lead to remote...

CWE-1212021

CVE-2022-26002

CRITICAL
CVSS:9.1(Critical)

A stack-based buffer overflow vulnerability exists in the console factory functionality of InHand Networks InRouter302 V3.5.4. A specially-crafted network request can lead to remote code execution. An...

CWE-1212022

CVE-2024-20518

CRITICAL
CVSS:9.1(Critical)

A vulnerability in the web-based management interface of Cisco Small Business RV042, RV042G, RV320, and RV325 Routers could allow an authenticated, Administrator-level, remote attacker to execute arbi...

CWE-1212024

CVE-2024-20519

CRITICAL
CVSS:9.1(Critical)

A vulnerability in the web-based management interface of Cisco Small Business RV042, RV042G, RV320, and RV325 Routers could allow an authenticated, Administrator-level, remote attacker to execute arbi...

CWE-1212024