CVE-2024-52015

MEDIUM

5.7CVSS v3

—CVSS v2

0.22% EPSS (exploit probability)

CWE-120CWE

Description

Netgear R8500 v1.0.2.160, XR300 v1.0.3.78, R7000P v1.3.3.154, and R6400 v2 1.0.4.128 were discovered to contain a stack overflow via the pptp_user_ip parameter at bsw_pptp.cgi. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted POST request.

CVSS v3 vector: CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Affected routers (1)

Vendor	Model	Matched via	Affected versions	Fixed in	Patch?
Netgear	Netgear Nighthawk R7000	`—`	—	—	No

External references

NIST NVD
MITRE CVE