Vulnerability Description
An authenticated attacker may trigger a stack based buffer overflow by performing a malformed request to either the HTTP service (TCP port 80), the HTTPS service (TCP port 443), or the IPP service (TCP port 631). The malformed request will contain an empty Origin header value and a malformed Referer header value. The Referer header value will trigger a stack based buffer overflow when the host value in the Referer header is processed and is greater than 64 bytes in length.
CVSS Score
HIGH
Related Weaknesses (CWE)
References
- https://assets.contentstack.io/v3/assets/blte4f029e766e6b253/blt6495b3c6adf2867f
- https://github.com/sfewer-r7/BrotherVulnerabilities
- https://support.brother.com/g/b/link.aspx?prod=group2&faqid=faq00100846_000
- https://support.brother.com/g/b/link.aspx?prod=group2&faqid=faq00100848_000
- https://support.brother.com/g/b/link.aspx?prod=lmgroup1&faqid=faqp00100620_000
- https://www.fujifilm.com/fbglobal/eng/company/news/notice/2025/0625_announce.htm
- https://www.konicaminolta.com/global-en/security/advisory/pdf/km-2025-0001.pdf
- https://www.rapid7.com/blog/post/multiple-brother-devices-multiple-vulnerabiliti
- https://www.ricoh.com/products/security/vulnerabilities/vul?id=ricoh-2025-000007
- https://assets.contentstack.io/v3/assets/blte4f029e766e6b253/blt6495b3c6adf2867f
FAQ
What is CVE-2024-51979?
CVE-2024-51979 is a vulnerability with a CVSS score of 7.2 (HIGH). An authenticated attacker may trigger a stack based buffer overflow by performing a malformed request to either the HTTP service (TCP port 80), the HTTPS service (TCP port 443), or the IPP service (TC...
How severe is CVE-2024-51979?
CVE-2024-51979 has been rated HIGH with a CVSS base score of 7.2/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2024-51979?
Check the references section above for vendor advisories and patch information. Review vendor security bulletins for remediation guidance.