CVE-2024-45413
Get alerts for future matching vulnerabilitiesLog in to subscribe
I. Basic Information for CVE-2024-45413
Vulnerability Information
Have questions about the vulnerability? See if Shenlong's analysis helps!
View Shenlong Deep Dive ↗ Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Description
The HTTPD binary in multiple ZTE routers has a stack-based buffer overflow vulnerability in rsa_decrypt function. This function is an API wrapper for LUA to decrypt RSA encrypted ciphertext, the decrypted data is stored on the stack without checking its length. An authenticated attacker can get RCE as root by exploiting this vulnerability.
Source: NVD (National Vulnerability Database)
CVSS Information
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Type
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Title
ZTE多款产品 安全漏洞
Source: CNNVD (China National Vulnerability Database)
Vulnerability Description
ZTE ZXHN H168N等都是中国中兴(ZTE)公司的产品。ZTE ZXHN H168N是一款路由器。ZTE ZXHN H168A是一款无线路由器。ZTE ZXHN E1600是一款Wi-Fi 6路由器。 ZTE多款产品存在安全漏洞,该漏洞源于存在基于堆栈的缓冲区溢出漏洞,经过身份验证的攻击者可以利用此漏洞以root身份远程执行代码。以下产品和版本受到影响:ZXHN H168A V2.1版本、ZXHN H168N V3.5版本、ZXHN H338A V1.5版本、ZXHN E1600 V1.0版本、Z
Source: CNNVD (China National Vulnerability Database)
CVSS Information
N/A
Source: CNNVD (China National Vulnerability Database)
Vulnerability Type
N/A
Source: CNNVD (China National Vulnerability Database)
Affected Products
| Vendor | Product | Affected Versions | CPE | Subscribe |
|---|---|---|---|---|
| - | n/a | n/a | - |
II. Public POCs for CVE-2024-45413
| # | POC Description | Source Link | Shenlong Link |
|---|
AI-Generated POCPremium
No public POC found.
Login to generate AI POCIII. Intelligence Information for CVE-2024-45413
请登录查看更多情报信息。
Same Patch Batch · n/a · 2024-09-16 · 38 CVEs total
| CVE-2023-42772 | 8.2 HIGH | Intel Processors 安全漏洞 |
| CVE-2024-23599 | 7.9 HIGH | Intel Processors 安全漏洞 |
| CVE-2023-41833 | 7.5 HIGH | Intel Processors 竞争条件问题漏洞 |
| CVE-2024-21829 | 7.5 HIGH | Intel Processors 输入验证错误漏洞 |
| CVE-2023-43626 | 7.5 HIGH | Intel Processors 访问控制错误漏洞 |
| CVE-2024-21871 | 7.5 HIGH | Intel Processors 输入验证错误漏洞 |
| CVE-2024-21781 | 7.2 HIGH | Intel Processors 输入验证错误漏洞 |
| CVE-2024-34543 | 6.7 MEDIUM | Intel RAID Web Console 访问控制错误漏洞 |
| CVE-2024-34153 | 6.7 MEDIUM | Intel Raid Web Console 代码问题漏洞 |
| CVE-2024-32940 | 6.5 MEDIUM | Intel Raid Web Console 访问控制错误漏洞 |
| CVE-2024-33848 | 6.5 MEDIUM | Intel Raid Web Console 安全漏洞 |
| CVE-2023-23904 | 6.1 MEDIUM | Intel Processors 安全漏洞 |
| CVE-2023-22351 | 6.1 MEDIUM | Intel Processors 缓冲区错误漏洞 |
| CVE-2024-8880 | 5.6 MEDIUM | playSMS Template index.php code injection |
| CVE-2023-43753 | 5.3 MEDIUM | Intel Processors 安全漏洞 |
| CVE-2024-24968 | 5.3 MEDIUM | Intel Processors 安全漏洞 |
| CVE-2024-23984 | 5.3 MEDIUM | Intel Processors 安全漏洞 |
| CVE-2024-34545 | 5.2 MEDIUM | Intel Raid Web Console 安全漏洞 |
| CVE-2024-32666 | 4.7 MEDIUM | Intel Raid Web Console 代码问题漏洞 |
| CVE-2024-36247 | 4.6 MEDIUM | Intel Raid Web Console 访问控制错误漏洞 |
Showing top 20 of 38 CVEs. View all on vendor page → →
IV. Related Vulnerabilities
V. Comments for CVE-2024-45413
No comments yet