1 results (0.002 seconds)
CVSS: 10.0EPSS: 1%CPEs: 1EXPL: 0
CVSS: 10.0EPSS: 1%CPEs: 1EXPL: 0CVE-2024-7490 – Remote Code Execution in Advanced Software Framework DHCP server
https://notcve.org/view.php?id=CVE-2024-7490
08 Aug 2024 — Improper Input Validation vulnerability in Microchip Techology Advanced Software Framework example DHCP server can cause remote code execution through a buffer overflow. This vulnerability is associated with program files tinydhcpserver.C and program routines lwip_dhcp_find_option. This issue affects Advanced Software Framework: through 3.52.0.2574. ASF is no longer being supported. Apply provided workaround or migrate to an actively maintained framework. • https://www.microchip.com/en-us/tools-resources/develop/libraries/advanced-software-framework • CWE-20: Improper Input Validation CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') •