CVE-2024-28515

CRITICAL

CSAPP Lab <15-213 - Buffer Overflow

Title source: llm

Exploitation Summary

EIP tracks 1 public exploit for CVE-2024-28515. PoCs published by heshi906.

AI-analyzed exploit summary The repository describes a buffer overflow vulnerability (CVE-2024-28515) in CSAPP Lab3's buflab-update.pl component, allowing remote code execution. No exploit code is provided; only a README with vulnerability details and references.

Description

Buffer Overflow vulnerability in CSAPP_Lab CSAPP Lab3 15-213 Fall 20xx allows a remote attacker to execute arbitrary code via the lab3 of csapp,lab3/buflab-update.pl component.

Exploits (1)

nomisec WRITEUP 1 stars

by heshi906 · poc

https://github.com/heshi906/CVE-2024-28515

View Code ZIP pw:eip

The repository describes a buffer overflow vulnerability (CVE-2024-28515) in CSAPP Lab3's buflab-update.pl component, allowing remote code execution. No exploit code is provided; only a README with vulnerability details and references.

Classification

Writeup 90%

Attack Type

Rce

Complexity

Moderate

Reliability

Theoretical

Target: CSAPP Lab3 - 15-213, Fall 20xx (buflab-update.pl)

No auth needed

Prerequisites: Server deploying CSAPP Lab3 with vulnerable buflab-update.pl component

MITRE ATT&CK

T1190 - Exploit Public-Facing Application

devstral-2 · analyzed Feb 16, 2026 Full analysis →

References (2)

Core 2

Core References

Various Sources

https://gist.github.com/heshi906/090b647a76981b8aa621e99fd6e1795d

Various Sources

https://github.com/heshi906/CVE-2024-28515

Scores

CVSS v3 9.8

EPSS 0.0152

EPSS Percentile 71.4%

Attack Vector NETWORK

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

CISA SSVC

Vulnrichment

Exploitation none

Automatable yes

Technical Impact total

Details

CWE

CWE-125

Status published

Published Apr 03, 2024

Tracked Since Feb 18, 2026