CVE-2024-41285 - Vulnerability Details - OpenCVE

A stack overflow in FAST FW300R v1.3.13 Build 141023 Rel.61347n allows attackers to execute arbitrary code or cause a Denial of Service (DoS) via a crafted file path.

No CVSS v4.0

Attack Vector Network

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact High

Integrity Impact High

Availability Impact High

User Interaction None

No CVSS v3.0

No CVSS v2

This CVE is not in the KEV list.

Exploitation poc

Automatable yes

Technical Impact total

Vendors	Products
Fastcom	Fw300r Fw300r Firmware

Configuration 1 [-]

AND

cpe:2.3:o:fastcom:fw300r_firmware:1.3.13_build_141023_rel.61347n:*:*:*:*:*:*:*

cpe:2.3:h:fastcom:fw300r:-:*:*:*:*:*:*:*

No data.

References

Link	Providers
https://gist.github.com/Giles-one/834b2becd7abebc3cabea0484301d149
https://github.com/Giles-one/FW300RouterCrack/
https://www.fastcom.com.cn/product-8.html

History

Tue, 27 Aug 2024 16:30:00 +0000

Type	Values Removed	Values Added
First Time appeared		Fastcom fw300r Firmware
Weaknesses		CWE-787
CPEs		cpe:2.3:h:fastcom:fw300r:-:::::::* cpe:2.3:o:fastcom:fw300r_firmware:1.3.13_build_141023_rel.61347n:::::::*
Vendors & Products		Fastcom fw300r Firmware

Mon, 26 Aug 2024 18:30:00 +0000

Type	Values Removed	Values Added
First Time appeared		Fastcom Fastcom fw300r
Weaknesses		CWE-120
CPEs		cpe:2.3:a:fastcom:fw300r::::::::
Vendors & Products		Fastcom Fastcom fw300r
Metrics		cvssV3_1 `{'score': 9.8, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H'}` ssvc `{'options': {'Automatable': 'yes', 'Exploitation': 'poc', 'Technical Impact': 'total'}, 'version': '2.0.3'}`

Mon, 26 Aug 2024 16:00:00 +0000

Type	Values Removed	Values Added
Description		A stack overflow in FAST FW300R v1.3.13 Build 141023 Rel.61347n allows attackers to execute arbitrary code or cause a Denial of Service (DoS) via a crafted file path.
References		https://gist.github.com/Giles-one/834b2becd7abebc3cabea0484301d149 https://github.com/Giles-one/FW300RouterCrack/ https://www.fastcom.com.cn/product-8.html

MITRE

Status: PUBLISHED

Assigner: mitre

Published: 2024-08-26T00:00:00

Updated: 2024-08-26T17:28:24.148Z

Reserved: 2024-07-18T00:00:00

Link: CVE-2024-41285

Vulnrichment

Updated: 2024-08-26T17:27:12.347Z

NVD

Status : Analyzed

Published: 2024-08-26T16:15:08.990

Modified: 2024-08-27T16:03:16.043

Link: CVE-2024-41285

Redhat

No data.

{"dataType": "CVE_RECORD", "cveMetadata": {"state": "PUBLISHED", "cveId": "CVE-2024-41285", "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "dateUpdated": "2024-08-26T17:28:24.148Z", "dateReserved": "2024-07-18T00:00:00", "datePublished": "2024-08-26T00:00:00"}, "containers": {"cna": {"providerMetadata": {"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre", "dateUpdated": "2024-08-26T15:45:27.567315"}, "descriptions": [{"lang": "en", "value": "A stack overflow in FAST FW300R v1.3.13 Build 141023 Rel.61347n allows attackers to execute arbitrary code or cause a Denial of Service (DoS) via a crafted file path."}], "affected": [{"vendor": "n/a", "product": "n/a", "versions": [{"version": "n/a", "status": "affected"}]}], "references": [{"url": "https://www.fastcom.com.cn/product-8.html"}, {"url": "https://github.com/Giles-one/FW300RouterCrack/"}, {"url": "https://gist.github.com/Giles-one/834b2becd7abebc3cabea0484301d149"}], "problemTypes": [{"descriptions": [{"type": "text", "lang": "en", "description": "n/a"}]}]}, "adp": [{"problemTypes": [{"descriptions": [{"type": "CWE", "cweId": "CWE-120", "lang": "en", "description": "CWE-120 Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')"}]}], "affected": [{"vendor": "fastcom", "product": "fw300r", "cpes": ["cpe:2.3:a:fastcom:fw300r:*:*:*:*:*:*:*:*"], "defaultStatus": "unknown", "versions": [{"version": "1.3.13", "status": "affected"}]}], "metrics": [{"cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 9.8, "attackVector": "NETWORK", "baseSeverity": "CRITICAL", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "HIGH"}}, {"other": {"type": "ssvc", "content": {"timestamp": "2024-08-26T17:24:15.516904Z", "id": "CVE-2024-41285", "options": [{"Exploitation": "poc"}, {"Automatable": "yes"}, {"Technical Impact": "total"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-08-26T17:28:24.148Z"}}]}, "dataVersion": "5.1"}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 9.8, "attackVector": "NETWORK", "baseSeverity": "CRITICAL", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "HIGH"}}, {"other": {"type": "ssvc", "content": {"id": "CVE-2024-41285", "role": "CISA Coordinator", "options": [{"Exploitation": "poc"}, {"Automatable": "yes"}, {"Technical Impact": "total"}], "version": "2.0.3", "timestamp": "2024-08-26T17:24:15.516904Z"}}}], "affected": [{"cpes": ["cpe:2.3:a:fastcom:fw300r:*:*:*:*:*:*:*:*"], "vendor": "fastcom", "product": "fw300r", "versions": [{"status": "affected", "version": "1.3.13"}], "defaultStatus": "unknown"}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-120", "description": "CWE-120 Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')"}]}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-08-26T17:27:12.347Z"}}], "cna": {"affected": [{"vendor": "n/a", "product": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "references": [{"url": "https://www.fastcom.com.cn/product-8.html"}, {"url": "https://github.com/Giles-one/FW300RouterCrack/"}, {"url": "https://gist.github.com/Giles-one/834b2becd7abebc3cabea0484301d149"}], "descriptions": [{"lang": "en", "value": "A stack overflow in FAST FW300R v1.3.13 Build 141023 Rel.61347n allows attackers to execute arbitrary code or cause a Denial of Service (DoS) via a crafted file path."}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "text", "description": "n/a"}]}], "providerMetadata": {"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre", "dateUpdated": "2024-08-26T15:45:27.567315"}}}, "cveMetadata": {"cveId": "CVE-2024-41285", "state": "PUBLISHED", "dateUpdated": "2024-08-26T17:28:24.148Z", "dateReserved": "2024-07-18T00:00:00", "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "datePublished": "2024-08-26T00:00:00", "assignerShortName": "mitre"}, "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:fastcom:fw300r_firmware:1.3.13_build_141023_rel.61347n:*:*:*:*:*:*:*", "matchCriteriaId": "9DC2BD23-1CF5-444B-9092-A4426A72313B", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:fastcom:fw300r:-:*:*:*:*:*:*:*", "matchCriteriaId": "D9C3F519-11ED-4EBF-9988-D4C411CE72BC", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}], "cveTags": [], "descriptions": [{"lang": "en", "value": "A stack overflow in FAST FW300R v1.3.13 Build 141023 Rel.61347n allows attackers to execute arbitrary code or cause a Denial of Service (DoS) via a crafted file path."}, {"lang": "es", "value": "Un desbordamiento de pila en FAST FW300R v1.3.13 Build 141023 Rel.61347n permite a los atacantes ejecutar c\u00f3digo arbitrario o provocar una denegaci\u00f3n de servicio (DoS) a trav\u00e9s de una ruta de archivo manipulada."}], "id": "CVE-2024-41285", "lastModified": "2024-08-27T16:03:16.043", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 9.8, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 3.9, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary"}, {"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 9.8, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 3.9, "impactScore": 5.9, "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary"}]}, "published": "2024-08-26T16:15:08.990", "references": [{"source": "cve@mitre.org", "tags": ["Third Party Advisory"], "url": "https://gist.github.com/Giles-one/834b2becd7abebc3cabea0484301d149"}, {"source": "cve@mitre.org", "tags": ["Exploit"], "url": "https://github.com/Giles-one/FW300RouterCrack/"}, {"source": "cve@mitre.org", "tags": ["Product"], "url": "https://www.fastcom.com.cn/product-8.html"}], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-787"}], "source": "nvd@nist.gov", "type": "Primary"}, {"description": [{"lang": "en", "value": "CWE-120"}], "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary"}]}