Netgear R8500 v1.0.2.160, XR300 v1.0.3.78, R7000P v1.3.3.154, and R6400 v2 1.0.4.128 were discovered to contain a stack overflow via the pptp_user_ip parameter at bsw_pptp.cgi. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted POST request.
CVSS
No CVSS.
References
| Link | Resource |
|---|---|
| https://github.com/wudipjq/my_vuln/blob/main/Netgear4/vuln_43/43.md | Broken Link |
| https://www.netgear.com/about/security/ | Vendor Advisory |
Configurations
Configuration 1 (hide)
| AND |
|
Configuration 2 (hide)
| AND |
|
Configuration 3 (hide)
| AND |
|
Configuration 4 (hide)
| AND |
|
History
21 May 2025, 20:24
| Type | Values Removed | Values Added |
|---|---|---|
| First Time |
Netgear r8500
Netgear r6400v2 Netgear xr300 Netgear r7000p Firmware Netgear Netgear r8500 Firmware Netgear xr300 Firmware Netgear r7000p Netgear r6400v2 Firmware |
|
| References | () https://github.com/wudipjq/my_vuln/blob/main/Netgear4/vuln_43/43.md - Broken Link | |
| References | () https://www.netgear.com/about/security/ - Vendor Advisory | |
| CPE | cpe:2.3:h:netgear:r8500:-:*:*:*:*:*:*:* cpe:2.3:h:netgear:r7000p:-:*:*:*:*:*:*:* cpe:2.3:h:netgear:r6400v2:-:*:*:*:*:*:*:* cpe:2.3:o:netgear:r8500_firmware:1.0.2.160:*:*:*:*:*:*:* cpe:2.3:o:netgear:r6400v2_firmware:1.0.4.128:*:*:*:*:*:*:* cpe:2.3:o:netgear:r7000p_firmware:1.3.3.154:*:*:*:*:*:*:* cpe:2.3:o:netgear:xr300_firmware:1.0.3.78:*:*:*:*:*:*:* cpe:2.3:h:netgear:xr300:-:*:*:*:*:*:*:* |
05 Nov 2024, 16:35
| Type | Values Removed | Values Added |
|---|---|---|
| New CVE |
Information
Published : 2024-11-05 15:15
Updated : 2025-05-21 20:24
NVD link : CVE-2024-52015
Mitre link : CVE-2024-52015
JSON object : View
Products Affected
netgear
- r8500_firmware
- r7000p_firmware
- r7000p
- r6400v2
- r8500
- xr300_firmware
- r6400v2_firmware
- xr300
CWE
No CWE.