CVE-2024-54808
CRITICALNetgear WNR854T 1.5.2 - Stack-based Buffer Overflow in SetDefaultConnectionService
Title source: llmDescription
Netgear WNR854T 1.5.2 (North America) contains a stack-based buffer overflow vulnerability in the SetDefaultConnectionService function due to an unconstrained use of sscanf. The vulnerability allows for control of the program counter and can be utilized to achieve arbitrary code execution.
References (1)
Core 1
Core References
Exploit, Third Party Advisory
https://faultpoint.com/post/2025-03-25-8-cves-on-the-wnr854t-junkyard/#808
Scores
CVSS v3
9.8
EPSS
0.0067
EPSS Percentile
71.6%
Attack Vector
NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
CISA SSVC
Vulnrichment
Exploitation
poc
Automatable
yes
Technical Impact
total
Details
CWE
CWE-121
Status
published
Products (1)
netgear/wnr854t_firmware
1.5.2
Published
Mar 31, 2025
Tracked Since
Feb 18, 2026