HIGH🇬🇧 English

CVE-2023-45742

CVSS 7.2v3.1pub. 2024-07-08upd. 2025-11-04

An integer overflow vulnerability exists in the boa updateConfigIntoFlash functionality of Realtek rtl819x Jungle SDK v3.4.11. A specially crafted series of HTTP requests can lead to arbitrary code execution. An attacker can send a sequence of requests to trigger this vulnerability.

oryginał EN
CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
  • Level1 Wbr 6013

    HW
    Level1
    wszystkie wersje
  • Level1 Wbr 6013 Firmware

    OS
    Level1
    rer4_a_v3411b_2t2r_lev_09_170623
  • Realtek Rtl819x Jungle Software Development Kit

    APP
    Realtek
    3.4.11
🔵
ZWERYFIKUJ U PRODUCENTA
Brak jednoznacznych danych o patchu. Sprawdź referencje od producenta.
Tagi
RCE
CWE
Referencje

Powiązane podatności

CVE-2021-35395CRITICAL9.8⚠ KEVten sam produkt

Realtek Jungle SDK version v2.x up to v3.4.14B provides an HTTP web server exposing a management interface tha...

CVE-2021-35394CRITICAL9.8⚠ KEVten sam produkt

Realtek Jungle SDK version v2.x up to v3.4.14B provides a diagnostic tool called 'MP Daemon' that is usually c...

CVE-2023-46685CRITICAL9.8PL ✓ten sam produkt

Zakodowane na stałe hasło w usłudze telnetd routera LevelOne WBR-6013

CVE-2021-35393CRITICAL9.8ten sam produkt

Realtek Jungle SDK version v2.x up to v3.4.14B provides a 'WiFi Simple Config' server that implements both UPn...

CVE-2023-34435HIGH7.2ten sam produkt

A firmware update vulnerability exists in the boa formUpload functionality of Realtek rtl819x Jungle SDK v3.4....