CVE-2024-6146

Actiontec WCB6200Q uh_get_postdata_withupload Stack-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of Actiontec WCB6200Q routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the HTTP server. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a fixed-length stack-based buffer. An attacker can leverage this vulnerability to execute code in the context of the HTTP server. Was ZDI-CAN-21418.

CVSS v3.0 8.8 HIGH

8.8^/10

CVSS v3.0 : HIGH

V3 Legend

Vector :

Exploitability : 2.8 / Impact : 5.9

Attack Vector ADJACENT_NETWORK

Attack Complexity LOW

Privileges Required NONE

User Interaction NONE

Confidentiality Impact HIGH

Integrity Impact HIGH

Availability Impact HIGH

Scope UNCHANGED

References

Link	Resource
https://www.zerodayinitiative.com/advisories/ZDI-24-809/	Third Party Advisory VDB Entry

Configurations

Configuration 1 (hide)

AND

cpe:2.3:o:actiontec:wcb6200q_firmware:1.2l.03.5:*:*:*:*:*:*:*

cpe:2.3:h:actiontec:wcb6200q:-:*:*:*:*:*:*:*

History

19 Sep 2024, 17:50

Type	Values Removed	Values Added
CVSS	v2 : ~~unknown~~ v3 : ~~unknown~~	v2 : unknown v3 : 8.8
CPE		cpe:2.3:o:actiontec:wcb6200q_firmware:1.2l.03.5:::::::* cpe:2.3:h:actiontec:wcb6200q:-:::::::*
References	~~() https://www.zerodayinitiative.com/advisories/ZDI-24-809/ -~~	() https://www.zerodayinitiative.com/advisories/ZDI-24-809/ - Third Party Advisory, VDB Entry
CWE		CWE-787
First Time		Actiontec wcb6200q Firmware Actiontec wcb6200q Actiontec

19 Jun 2024, 00:15

Type	Values Removed	Values Added
New CVE

Information

Published : 2024-06-19 00:15

Updated : 2024-09-19 17:50

NVD link : CVE-2024-6146

Mitre link : CVE-2024-6146

JSON object : View

Products Affected

actiontec

wcb6200q
wcb6200q_firmware

CWE

CWE-787

Out-of-bounds Write

8.8 /10