Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
On Netis WF2411 with firmware 2.1.36123 and other Netis WF2xxx devices (possibly WF2411 through WF2880), there is a stack-based buffer overflow that does not require authentication. This can cause denial of service (device restart) or remote code execution. This vulnerability can be triggered by a GET request with a long HTTP "Authorization: Basic" header that is mishandled by user_auth->user_ok in /bin/boa.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Netis WF2880和WF2411 缓冲区错误漏洞
Vulnerability Description
Netis WF2880和WF2411 2.1.36123版本中存在基于栈的缓冲区溢出漏洞。攻击者可通过发送带有较长HTTP ‘Authorization: Basic’报头的GET请求利用该漏洞造成拒绝服务(设备重启)或执行代码。
CVSS Information
N/A
Vulnerability Type
N/A