How severe is CVE-2024-6343?

This vulnerability has a severity rating of MEDIUM with a CVSS score of 4.9 out of 10.

What type of vulnerability is CVE-2024-6343?

This is classified as CWE-120, which is a common weakness in software security.

CVE-2024-6343

MEDIUM Year: 2024

CVSS v3 Score

4.9

Medium

Weakness Type

CWE-120

View all →

Vulnerability Description

A buffer overflow vulnerability in the CGI program of Zyxel ATP series firmware versions from V4.32 through V5.38, USG FLEX series firmware versions from V4.50 through V5.38, USG FLEX 50(W) series firmware versions from V4.16 through V5.38, and USG20(W)-VPN series firmware versions from V4.16 through V5.38 could allow an authenticated attacker with administrator privileges to cause denial of service (DoS) conditions by sending a crafted HTTP request to a vulnerable device.

CVE-2021-28175

MEDIUM

CVSS:4.9(Medium)

The Radius configuration function in ASUS BMC’s firmware Web management page does not verify the string length entered by users, resulting in a Buffer overflow vulnerability. As obtaining the privileg...

CWE-1202021

CVE-2021-28176

MEDIUM

CVSS:4.9(Medium)

The DNS configuration function in ASUS BMC’s firmware Web management page does not verify the string length entered by users, resulting in a Buffer overflow vulnerability. As obtaining the privileged ...

CWE-1202021

CVE-2021-28177

MEDIUM

CVSS:4.9(Medium)

The LDAP configuration function in ASUS BMC’s firmware Web management page does not verify the string length entered by users, resulting in a Buffer overflow vulnerability. As obtaining the privileged...

CWE-1202021

CVE-2021-28178

MEDIUM

CVSS:4.9(Medium)

The UEFI configuration function in ASUS BMC’s firmware Web management page does not verify the string length entered by users, resulting in a Buffer overflow vulnerability. As obtaining the privileged...

CWE-1202021

CVE-2021-28179

MEDIUM

CVSS:4.9(Medium)

The specific function in ASUS BMC’s firmware Web management page (Media support configuration setting) does not verify the string length entered by users, resulting in a Buffer overflow vulnerability....

CWE-1202021

CVE-2021-28180

MEDIUM

CVSS:4.9(Medium)

The specific function in ASUS BMC’s firmware Web management page (Audit log configuration setting) does not verify the string length entered by users, resulting in a Buffer overflow vulnerability. As ...

CWE-1202021

CVE-2024-6343

Vulnerability Description

Related Vulnerabilities

CVE-2021-28175

CVE-2021-28176

CVE-2021-28177

CVE-2021-28178

CVE-2021-28179

CVE-2021-28180