CVE-2024-3871
Severity CVSS v4.0:
Pending analysis
Type:
CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
Publication date:
16/04/2024
Last modified:
17/04/2024
Description
The Delta Electronics DVW-W02W2-E2 devices expose a web administration interface to users. This interface implements multiple features that are affected by command injections and stack overflows vulnerabilities.<br />
Successful exploitation of these flaws would allow remote unauthenticated attackers to gain remote code execution with elevated privileges on the affected devices.<br />
<br />
This issue affects DVW-W02W2-E2 through version 2.5.2.<br />
<br />
Impact
Base Score 3.x
9.80
Severity 3.x
CRITICAL