CVE-2023-49351
Severity Score
9.8
*CVSS v3.1
Exploit Likelihood
*EPSS
Affected Versions
*CPE
Public Exploits
0
*Multiple Sources
Exploited in Wild
-
*KEV
Decision
-
*SSVC
Descriptions
A stack-based buffer overflow vulnerability in /bin/webs binary in Edimax BR6478AC V2 firmware veraion v1.23 allows attackers to overwrite other values located on the stack due to an incorrect use of the strcpy() function.
Una vulnerabilidad de desbordamiento de búfer en la región stack de la memoria en el binario /bin/webs en la versión v1.23 del firmware Edimax BR6478AC V2 permite a los atacantes sobrescribir otros valores ubicados en la pila debido a un uso incorrecto de la función strcpy().
*Credits:
N/A
CVSS Scores
Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality
Integrity
Availability
* Common Vulnerability Scoring System
SSVC
- Decision:-
Exploitation
Automatable
Tech. Impact
* Organization's Worst-case Scenario
Timeline
- 2023-11-27 CVE Reserved
- 2024-01-16 CVE Published
- 2024-01-31 EPSS Updated
- 2024-08-02 CVE Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
- ---------- First Exploit
CWE
- CWE-787: Out-of-bounds Write
CAPEC
References (1)
| URL | Tag | Source |
|---|---|---|
| https://github.com/countfatcode/temp/blob/main/formUSBAccount/formUSBAccount.md | Broken Link |
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|
Affected Vendors, Products, and Versions
| Vendor | Product | Version | Other | Status | ||||||
|---|---|---|---|---|---|---|---|---|---|---|
| Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
| Edimax Search vendor "Edimax" | Br-6478ac Firmware Search vendor "Edimax" for product "Br-6478ac Firmware" | 1.23 Search vendor "Edimax" for product "Br-6478ac Firmware" and version "1.23" | - |
Affected
| in | Edimax Search vendor "Edimax" | Br-6478ac Search vendor "Edimax" for product "Br-6478ac" | v2 Search vendor "Edimax" for product "Br-6478ac" and version "v2" | - |
Safe
|