CVE-2024-23978

CRITICAL

HOME SPOT CUBE2 V102 and earlier - Heap-based Buffer Overflow

Title source: llm

Description

Heap-based buffer overflow vulnerability exists in HOME SPOT CUBE2 V102 and earlier. By processing invalid values, arbitrary code may be executed. Note that the affected products are no longer supported.

References (2)

Core 2

Core References

Third Party Advisory

https://jvn.jp/en/vu/JVNVU93740658/

Vendor Advisory

https://www.au.com/support/service/mobile/guide/wlan/home_spot_cube_2/

Scores

CVSS v3 9.8

EPSS 0.0065

EPSS Percentile 46.5%

Attack Vector NETWORK

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

CISA SSVC

Vulnrichment

Exploitation none

Automatable yes

Technical Impact total

Details

CWE

CWE-787

Status published

Products (1)

kddi/home_spot_cube_2_firmware v102

Published Feb 02, 2024

Tracked Since Feb 18, 2026