VYPR

rtl819x Jungle SDK

by Realtek

CVEs (24)

  • CVE-2021-35395CriKEVAug 16, 2021
    risk 0.84cvss 9.8epss 0.98

    Realtek Jungle SDK version v2.x up to v3.4.14B provides an HTTP web server exposing a management interface that can be used to configure the access point. Two versions of this management interface exists: one based on Go-Ahead named webs and another based on Boa named boa. Both…

  • CVE-2021-35394CriKEVAug 16, 2021
    risk 0.84cvss 9.8epss 1.00

    Realtek Jungle SDK version v2.x up to v3.4.14B provides a diagnostic tool called 'MP Daemon' that is usually compiled as 'UDPServer' binary. The binary is affected by multiple memory corruption vulnerabilities and an arbitrary command injection vulnerability that can be…

  • CVE-2021-35393CriAug 16, 2021
    risk 0.69cvss 9.8epss 0.70

    Realtek Jungle SDK version v2.x up to v3.4.14B provides a 'WiFi Simple Config' server that implements both UPnP and SSDP protocols. The binary is usually named wscd or mini_upnpd and is the successor to miniigd. The server is vulnerable to a stack buffer overflow vulnerability…

  • CVE-2023-47677HigJul 8, 2024
    risk 0.57cvss 8.8epss 0.00

    A cross-site request forgery (csrf) vulnerability exists in the boa CSRF protection functionality of Realtek rtl819x Jungle SDK v3.4.11. A specially crafted network request can lead to CSRF. An attacker can send an HTTP request to trigger this vulnerability.

  • CVE-2022-29558HigJul 28, 2022
    risk 0.57cvss 8.8epss 0.01

    Realtek rtl819x-SDK before v3.6.1 allows command injection over the web interface.

  • CVE-2021-35392HigAug 16, 2021
    risk 0.55cvss 7.5epss 0.83

    Realtek Jungle SDK version v2.x up to v3.4.14B provides a 'WiFi Simple Config' server that implements both UPnP and SSDP protocols. The binary is usually named wscd or mini_upnpd and is the successor to miniigd. The server is vulnerable to a heap buffer overflow that is present…

  • CVE-2024-21778HigJul 8, 2024
    risk 0.47cvss 7.2epss 0.01

    A heap-based buffer overflow vulnerability exists in the configuration file mib_init_value_array functionality of Realtek rtl819x Jungle SDK v3.4.11. A specially crafted .dat file can lead to arbitrary code execution. An attacker can upload a malicious file to trigger this…

  • CVE-2023-50383HigJul 8, 2024
    risk 0.47cvss 7.2epss 0.02

    Three os command injection vulnerabilities exist in the boa formWsc functionality of Realtek rtl819x Jungle SDK v3.4.11. A specially crafted series of HTTP requests can lead to arbitrary command execution. An attacker can send a series of HTTP requests to trigger these…

  • CVE-2023-50382HigJul 8, 2024
    risk 0.47cvss 7.2epss 0.02

    Three os command injection vulnerabilities exist in the boa formWsc functionality of Realtek rtl819x Jungle SDK v3.4.11. A specially crafted series of HTTP requests can lead to arbitrary command execution. An attacker can send a series of HTTP requests to trigger these…

  • CVE-2023-50381HigJul 8, 2024
    risk 0.47cvss 7.2epss 0.03

    Three os command injection vulnerabilities exist in the boa formWsc functionality of Realtek rtl819x Jungle SDK v3.4.11. A specially crafted series of HTTP requests can lead to arbitrary command execution. An attacker can send a series of HTTP requests to trigger these…

  • CVE-2023-50330HigJul 8, 2024
    risk 0.47cvss 7.2epss 0.01

    A stack-based buffer overflow vulnerability exists in the boa getInfo functionality of Realtek rtl819x Jungle SDK v3.4.11. A specially crafted series of HTTP requests can lead to remote code execution. An attacker can send a series of HTTP requests to trigger this vulnerability.

  • CVE-2023-50244HigJul 8, 2024
    risk 0.47cvss 7.2epss 0.01

    Two stack-based buffer overflow vulnerabilities exist in the boa formIpQoS functionality of Realtek rtl819x Jungle SDK v3.4.11. A specially crafted series of HTTP requests can lead to remote code execution. An attacker can send a series of HTTP requests to trigger these…

  • CVE-2023-50243HigJul 8, 2024
    risk 0.47cvss 7.2epss 0.01

    Two stack-based buffer overflow vulnerabilities exist in the boa formIpQoS functionality of Realtek rtl819x Jungle SDK v3.4.11. A specially crafted series of HTTP requests can lead to remote code execution. An attacker can send a series of HTTP requests to trigger these…

  • CVE-2023-50240HigJul 8, 2024
    risk 0.47cvss 7.2epss 0.01

    Two stack-based buffer overflow vulnerabilities exist in the boa set_RadvdInterfaceParam functionality of Realtek rtl819x Jungle SDK v3.4.11. A specially crafted series of network requests can lead to remote code execution. An attacker can send a sequence of requests to trigger…

  • CVE-2023-50239HigJul 8, 2024
    risk 0.47cvss 7.2epss 0.01

    Two stack-based buffer overflow vulnerabilities exist in the boa set_RadvdInterfaceParam functionality of Realtek rtl819x Jungle SDK v3.4.11. A specially crafted series of network requests can lead to remote code execution. An attacker can send a sequence of requests to trigger…

  • CVE-2023-49867HigJul 8, 2024
    risk 0.47cvss 7.2epss 0.01

    A stack-based buffer overflow vulnerability exists in the boa formWsc functionality of Realtek rtl819x Jungle SDK v3.4.11. A specially crafted series of HTTP requests can lead to remote code execution. An attacker can send a series of HTTP requests to trigger this vulnerability.

  • CVE-2023-49595HigJul 8, 2024
    risk 0.47cvss 7.2epss 0.01

    A stack-based buffer overflow vulnerability exists in the boa rollback_control_code functionality of Realtek rtl819x Jungle SDK v3.4.11. A specially crafted series of network requests can lead to arbitrary code execution. An attacker can send a sequence of requests to trigger…

  • CVE-2023-49073HigJul 8, 2024
    risk 0.47cvss 7.2epss 0.01

    A stack-based buffer overflow vulnerability exists in the boa formFilter functionality of Realtek rtl819x Jungle SDK v3.4.11. A specially crafted series of HTTP requests can lead to arbitrary code execution. An attacker can send a sequence of requests to trigger this…

  • CVE-2023-48270HigJul 8, 2024
    risk 0.47cvss 7.2epss 0.01

    A stack-based buffer overflow vulnerability exists in the boa formDnsv6 functionality of Realtek rtl819x Jungle SDK v3.4.11. A specially crafted series of network requests can lead to arbitrary code execution. An attacker can send a sequence of requests to trigger this…

  • CVE-2023-47856HigJul 8, 2024
    risk 0.47cvss 7.2epss 0.01

    A stack-based buffer overflow vulnerability exists in the boa set_RadvdPrefixParam functionality of Realtek rtl819x Jungle SDK v3.4.11. A specially crafted series of network requests can lead to remote code execution. An attacker can send a sequence of requests to trigger this…

Page 1 of 2