CVE-2024-53703Stack-based Buffer Overflow in SMA 200 Firmware

CWE-121Stack-based Buffer Overflow3 documents3 sources
Severity
8.1HIGHNVD
EPSS
29.1%
top 3.41%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
6
Sonicwall SMA 200 FirmwareSonicwall SMA 210 FirmwareSonicwall SMA 400 Firmware+3 more
Timeline
PublishedDec 5

Description

A vulnerability in the SonicWall SMA100 SSLVPN firmware 10.2.1.13-72sv and earlier versions mod_httprp library loaded by the Apache web server allows remote attackers to cause Stack-based buffer overflow and potentially lead to code execution.

CVSS vector

CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:HExploitability: 2.2 | Impact: 5.9

Affected Packages6 packages

NVDsonicwall/sma_200_firmware< 10.2.1.14-75sv
NVDsonicwall/sma_210_firmware< 10.2.1.14-75sv
NVDsonicwall/sma_400_firmware< 10.2.1.14-75sv
NVDsonicwall/sma_410_firmware< 10.2.1.14-75sv
NVDsonicwall/sma_500v_firmware< 10.2.1.14-75sv

🔴Vulnerability Details

2
CVEList
CVE-2024-53703: A vulnerability in the SonicWall SMA100 SSLVPN firmware 102024-12-05
GHSA
GHSA-9m9p-7xr9-44ff: A vulnerability in the SonicWall SMA100 SSLVPN firmware 102024-12-05
CVE-2024-53703 — Stack-based Buffer Overflow | cvebase