CVE-2023-2575
published 2023-05-08CVE-2023-2575: Advantech EKI-1524, EKI-1522, EKI-1521 devices through 1.21 are affected by a Stack-based Buffer Overflow vulnerability, which can be triggered by…
PriorityP268high8.8CVSS 3.1
AVNACLPRLUINSUCHIHAH
EPSS
15.50%
96.4th percentile
Advantech EKI-1524, EKI-1522, EKI-1521 devices through 1.21 are affected by a Stack-based Buffer Overflow vulnerability, which can be triggered by authenticated users via a crafted POST request.
Affected
6 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| advantech | eki-1521 | <= 1.21 | — |
| advantech | eki-1521_firmware | <= 1.21 | — |
| advantech | eki-1522 | <= 1.21 | — |
| advantech | eki-1522_firmware | <= 1.21 | — |
| advantech | eki-1524 | <= 1.21 | — |
| advantech | eki-1524_firmware | <= 1.21 | — |
Stop checking back — get the weekly exploitation signal.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
No detection rules found.
No public exploits indexed.
No writeups or analysis indexed.
http://packetstormsecurity.com/files/172307/Advantech-EKI-15XX-Series-Command-Injection-Buffer-Overflow.htmlhttp://seclists.org/fulldisclosure/2023/May/4https://cyberdanube.com/en/multiple-vulnerabilities-in-advantech-eki-15xx-series/https://www.advantech.com/en/support/details/firmware?id=1-1J9BEBLhttps://www.advantech.com/en/support/details/firmware?id=1-1J9BECThttps://www.advantech.com/en/support/details/firmware?id=1-1J9BED3http://packetstormsecurity.com/files/172307/Advantech-EKI-15XX-Series-Command-Injection-Buffer-Overflow.htmlhttp://seclists.org/fulldisclosure/2023/May/4https://cyberdanube.com/en/multiple-vulnerabilities-in-advantech-eki-15xx-series/https://www.advantech.com/en/support/details/firmware?id=1-1J9BEBLhttps://www.advantech.com/en/support/details/firmware?id=1-1J9BECThttps://www.advantech.com/en/support/details/firmware?id=1-1J9BED3
2023-05-08
Published