| CVE ID | CVE-2024-6144 |
| CVSS SCORE | 8.8, AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H |
| AFFECTED VENDORS |
Actiontec |
| AFFECTED PRODUCTS |
WCB6200Q |
| VULNERABILITY DETAILS |
This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of Actiontec WCB6200Q routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the HTTP server. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a fixed-length stack-based buffer. An attacker can leverage this vulnerability to execute code in the context of the HTTP server. |
| ADDITIONAL DETAILS |
08/03/23 – ZDI requested vendor PSIRT contact. 08/11/23 – ZDI asked for an update. 09/18/23 – ZDI asked for an update. 09/18/23 – The vendor sent an automated support ticket response. 10/20/23 – ZDI asked for an update. 02/27/24 – ZDI sent the report to Actiontec support. 03/27/24 – The vendor sent an automated support ticket response. 06/17/27 – The ZDI informed the vendor that since we’ve never received a formal response to the report, that we intend to publish the report as a zero-day advisory on 6/18/24. -- Mitigation: Given the nature of the vulnerability, the only salient mitigation strategy is to restrict interaction with the application. |
| DISCLOSURE TIMELINE |
|
| CREDIT | Logan Stratton |
