Vulnerability Description
There is stack-based buffer overflow vulnerability in pc_change_act function in Linksys E1000 router firmware version v.2.1.03 and before, leading to remote code execution.
CVSS Score
6.7
MEDIUM
CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Linksys | E1000 Firmware | <= 2.1.03 |
| Linksys | E1000 | - |
Related Weaknesses (CWE)
References
- https://d05004.notion.site/Linksys-E1000-BOF-37b98eec45ea4fc991b9b5bea3db091d?pvExploitThird Party Advisory
- https://d05004.notion.site/Linksys-E1000-BOF-37b98eec45ea4fc991b9b5bea3db091d?pvExploitThird Party Advisory
FAQ
What is CVE-2024-28283?
CVE-2024-28283 is a vulnerability with a CVSS score of 6.7 (MEDIUM). There is stack-based buffer overflow vulnerability in pc_change_act function in Linksys E1000 router firmware version v.2.1.03 and before, leading to remote code execution.
How severe is CVE-2024-28283?
CVE-2024-28283 has been rated MEDIUM with a CVSS base score of 6.7/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2024-28283?
Check the references section above for vendor advisories and patch information. Affected products include: Linksys E1000 Firmware, Linksys E1000.