CVE-2024-48871
published 2024-12-06CVE-2024-48871: The affected product is vulnerable to a stack-based buffer overflow. An unauthenticated attacker could send a malicious HTTP request that the webserver fails…
PriorityP269critical9.8CVSS 3.1
AVNACLPRNUINSUCHIHAH
EPSS
1.37%
68.4th percentile
The affected product is vulnerable to a stack-based buffer overflow. An unauthenticated attacker could send a malicious HTTP request that the webserver fails to properly check input size before copying data to the stack, potentially allowing remote code execution.
Affected
1 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| planet_technology | planet_wgs-804hpt | — | — |
Detection & IOCsextracted from sources · hover to see the quote
- →Target device: Planet WGS-804HPT running firmware v1.305b210531 is vulnerable; the attack vector is a malicious unauthenticated HTTP request that triggers a stack-based buffer overflow in the webserver due to missing input-size validation before copying data to the stack. ↗
- →The vulnerability is exploitable remotely with no authentication and low attack complexity over the network (AV:N/AC:L/PR:N/UI:N); monitor for anomalous or oversized HTTP requests to Planet WGS-804HPT management interfaces. ↗
- →Affected version to flag in asset inventory or network traffic fingerprinting: Planet WGS-804HPT Version v1.305b210531. ↗
- ·No known public exploitation has been reported at time of advisory publication; no proof-of-concept or in-the-wild exploit artifacts were disclosed in the sources. ↗
- ·The advisory covers three CVEs on the same device (CVE-2024-48871, CVE-2024-52320, CVE-2024-52558); detection logic targeting HTTP requests to this device may surface indicators for all three, not exclusively CVE-2024-48871. ↗
CVSS provenance
nvdv3.19.8CRITICALCVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
nvdv4.09.3CRITICALCVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Stop checking back — get the weekly exploitation signal.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
CISA ICS
Planet Technology Planet WGS-804HPT
cisa_ics·2024-12-05·CVSS 9.3
[CRITICAL] Planet Technology Planet WGS-804HPT
ICS Advisory
##
Planet Technology Planet WGS-804HPT
Release DateDecember 05, 2024
Alert CodeICSA-24-340-02
Related topics:
Industrial Control System Vulnerabilities, Industrial Control Systems
View CSAF
## 1. EXECUTIVE SUMMARY
- CVSS v4 9.3
- ATTENTION: Exploitable remotely/Low attack complexity
- Vendor: Planet Technology
- Equipment: Planet WGS-804HPT
- Vulnerabilities: Stack-based Buffer Overflow, Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection'), Integer Underflow (Wrap or Wraparound)
## 2. RISK EVALUATION
Successful exploitation of these vulnerabilities could result in remote code execution.
## 3. TECHNICAL DETAILS
## 3.1 AFFECTED PRODUCTS
The following versions of Planet WGS-804HPT, an industrial switch,
GHSA
GHSA-jpgm-g5cc-54qg: The affected product is vulnerable to a stack-based buffer overflow
ghsa_unreviewed·2024-12-06
CVE-2024-48871 [CRITICAL] CWE-121 GHSA-jpgm-g5cc-54qg: The affected product is vulnerable to a stack-based buffer overflow
The affected product is vulnerable to a stack-based buffer overflow. An unauthenticated attacker could send a malicious HTTP request that the webserver fails to properly check input size before copying data to the stack, potentially allowing remote code execution.
No detection rules found.
No public exploits indexed.
No writeups or analysis indexed.
2024-12-06
Published