CVE-2024-45413
https://notcve.org/view.php?id=CVE-2024-45413
An authenticated attacker can get RCE as root by exploiting this vulnerability. • https://wr3nchsr.github.io/zte-multiple-routers-httpd-vulnerabilities-advisory • CWE-121: Stack-based Buffer Overflow •
CVE-2024-45416
https://notcve.org/view.php?id=CVE-2024-45416
An attacker who is able to write a malicious file in the sessions directory can get RCE as root. • https://wr3nchsr.github.io/zte-multiple-routers-httpd-vulnerabilities-advisory • CWE-829: Inclusion of Functionality from Untrusted Control Sphere •
CVE-2024-45415
https://notcve.org/view.php?id=CVE-2024-45415
An unauthenticated attacker can get RCE as root by exploiting this vulnerability. • https://wr3nchsr.github.io/zte-multiple-routers-httpd-vulnerabilities-advisory • CWE-121: Stack-based Buffer Overflow •
CVE-2024-45105
https://notcve.org/view.php?id=CVE-2024-45105
An internal product security audit discovered a UEFI SMM (System Management Mode) callout vulnerability in some ThinkSystem servers that could allow a local attacker with elevated privileges to execute arbitrary code. • https://support.lenovo.com/us/en/product_security/LEN-165524 • CWE-825: Expired Pointer Dereference •
CVE-2024-4550
https://notcve.org/view.php?id=CVE-2024-4550
A potential buffer overflow vulnerability was reported in some Lenovo ThinkSystem and ThinkStation products that could allow a local attacker with elevated privileges to execute arbitrary code. • https://support.lenovo.com/us/en/product_security/LEN-165524 • CWE-121: Stack-based Buffer Overflow •