1 results (0.001 seconds)
CVSS: 9.8EPSS: 71%CPEs: 4EXPL: 2
CVSS: 9.8EPSS: 71%CPEs: 4EXPL: 2CVE-2019-8985
https://notcve.org/view.php?id=CVE-2019-8985
21 Feb 2019 — On Netis WF2411 with firmware 2.1.36123 and other Netis WF2xxx devices (possibly WF2411 through WF2880), there is a stack-based buffer overflow that does not require authentication. This can cause denial of service (device restart) or remote code execution. This vulnerability can be triggered by a GET request with a long HTTP "Authorization: Basic" header that is mishandled by user_auth->user_ok in /bin/boa. En Netis WF211, con la versión de firmware 2.1.36123, y otros dispositivos de Netis (posiblemente de... • https://github.com/Squirre17/CVE-2019-8985 • CWE-306: Missing Authentication for Critical Function CWE-787: Out-of-bounds Write •