CVE-2024-54808

CWE-121 — Stack-based Buffer Overflow3 documents3 sources

Severity

9.8CRITICAL

EPSS

0.9%

top 24.49%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Netgear Wnr854t Firmware

Timeline

PublishedMar 31

Description

Netgear WNR854T 1.5.2 (North America) contains a stack-based buffer overflow vulnerability in the SetDefaultConnectionService function due to an unconstrained use of sscanf. The vulnerability allows for control of the program counter and can be utilized to achieve arbitrary code execution.

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:HExploitability: 3.9 | Impact: 5.9

Affected Packages1 packages

▶NVDnetgear/wnr854t_firmware1.5.2

🔴Vulnerability Details

CVEList

CVE-2024-54808: Netgear WNR854T 1↗2025-03-31

▶

GHSA

GHSA-mhxj-3vr2-vm4r: Netgear WNR854T 1↗2025-03-31

▶