CVE-2023-48725
published 2024-03-07CVE-2023-48725: A stack-based buffer overflow vulnerability exists in the JSON Parsing getblockschedule() functionality of Netgear RAX30 1.0.11.96 and 1.0.7.78. A specially…
high8.8CVSS 3.1
AVNACLPRLUINSUCHIHAH
A stack-based buffer overflow vulnerability exists in the JSON Parsing getblockschedule() functionality of Netgear RAX30 1.0.11.96 and 1.0.7.78. A specially crafted HTTP request can lead to code execution. An attacker can make an authenticated HTTP request to trigger this vulnerability.
Affected
4 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| netgear | rax30 | — | — |
| netgear | rax30 | — | — |
| netgear | rax30_firmware | — | — |
| netgear | rax30_firmware | — | — |