July 1, 2025
Proactive Defense: The Importance of Incident Response Planning in Cybersecurity
Remcos RAT – Active IOCs
November 28, 2024Multiple D-Link Products Vulnerabilities
November 28, 2024Remcos RAT – Active IOCs
November 28, 2024Multiple D-Link Products Vulnerabilities
November 28, 2024
Severity
Medium
Analysis Summary
CVE-2024-50998 CVSS:6.5
Netgear R8500 v1.0.2.160 was discovered to contain multiple stack overflow vulnerabilities in the component openvpn.cgi via the openvpn_service_port and openvpn_service_port_tun parameters. These vulnerabilities allow attackers to cause a Denial of Service (DoS) via a crafted POST request.
CVE-2024-51003 CVSS:5.7
Netgear R8500 v1.0.2.160, XR300 v1.0.3.78, R7000P v1.3.3.154, and R6400 v2 1.0.4.128 were discovered to multiple stack overflow vulnerabilities in the component ap_mode.cgi via the apmode_dns1_pri and apmode_dns1_sec parameters. These vulnerabilities allow attackers to cause a Denial of Service (DoS) via a crafted POST request.
Impact
- Denial of Service
Indicators of Compromise
CVE
- CVE-2024-50998
- CVE-2024-51003
Affected Vendors
NETGEAR
Affected Products
- NETGEAR R8500 1.0.2.160
- NETGEAR XR300 1.0.3.78
- NETGEAR R7000P 1.3.3.154
- NETGEAR R6400 v2 1.0.4.128
Remediation
Refer to NETGEAR Security Advisory for patch, upgrade, or suggested workaround information.