Vulnerability Description
Stack-based buffer overflow in AirTies Air 6372, 5760, 5750, 5650TT, 5453, 5444TT, 5443, 5442, 5343, 5342, 5341, and 5021 DSL modems with firmware 1.0.2.0 and earlier allows remote attackers to execute arbitrary code via a long string in the redirect parameter to cgi-bin/login.
CVSS Score
HIGH
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Airties | Air Firmware | <= 1.0.2.0 |
| Airties | Air 5021 | - |
| Airties | Air 5341 | - |
| Airties | Air 5342 | - |
| Airties | Air 5343 | - |
| Airties | Air 5442 | - |
| Airties | Air 5443 | - |
| Airties | Air 5444Tt | - |
| Airties | Air 5453 | - |
| Airties | Air 5650Tt | - |
| Airties | Air 5750 | - |
| Airties | Air 5760 | - |
| Airties | Air 6372 | - |
Related Weaknesses (CWE)
References
- http://osvdb.org/show/osvdb/120335
- http://www.bmicrosystems.com/blog/exploiting-the-airties-air-series/Exploit
- http://www.securityfocus.com/bid/75355
- https://www.exploit-db.com/exploits/36577/Exploit
- https://www.exploit-db.com/exploits/37170/Exploit
- http://osvdb.org/show/osvdb/120335
- http://www.bmicrosystems.com/blog/exploiting-the-airties-air-series/Exploit
- http://www.securityfocus.com/bid/75355
- https://www.exploit-db.com/exploits/36577/Exploit
- https://www.exploit-db.com/exploits/37170/Exploit
FAQ
What is CVE-2015-2797?
CVE-2015-2797 is a vulnerability with a CVSS score of 10.0 (HIGH). Stack-based buffer overflow in AirTies Air 6372, 5760, 5750, 5650TT, 5453, 5444TT, 5443, 5442, 5343, 5342, 5341, and 5021 DSL modems with firmware 1.0.2.0 and earlier allows remote attackers to execut...
How severe is CVE-2015-2797?
CVE-2015-2797 has been rated HIGH with a CVSS base score of 10.0/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2015-2797?
Check the references section above for vendor advisories and patch information. Affected products include: Airties Air Firmware, Airties Air 5021, Airties Air 5341, Airties Air 5342, Airties Air 5343.