cvdyfbwa/IoT_LBT_Router

Releases0

LBT-T300-T390 router stack overflow vulnerability

CVE History

CVE	Published	CVSS v3	CVSS v2
CVE-2024-27567 ↗	Mar 1, 2024Friday, 1 March 2024, 14:15	6.5 MEDIUM	—
LBT T300- T390 v2.2.1.8 were discovered to contain a stack overflow via the vpn_client_ip parameter in the config_vpn_pptp function. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted POST request.
CVE-2024-27568 ↗	Mar 1, 2024Friday, 1 March 2024, 14:15	6.5 MEDIUM	—
LBT T300-T390 v2.2.1.8 were discovered to contain a stack overflow via the apn_name_3g parameter in the setupEC20Apn function. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted POST request.
CVE-2024-27569 ↗	Mar 1, 2024Friday, 1 March 2024, 14:15	6.5 MEDIUM	—
LBT T300-T390 v2.2.1.8 were discovered to contain a stack overflow via the ApCliSsid parameter in the init_nvram function. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted POST request.
CVE-2024-27570 ↗	Mar 1, 2024Friday, 1 March 2024, 14:15	7.5 HIGH	—
LBT T300-T390 v2.2.1.8 were discovered to contain a stack overflow via the ApCliSsid parameter in the generate_conf_router function. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted POST request.
CVE-2024-27571 ↗	Mar 1, 2024Friday, 1 March 2024, 14:15	7.5 HIGH	—
LBT T300-T390 v2.2.1.8 were discovered to contain a stack overflow via the ApCliSsid parameter in the makeCurRemoteApList function. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted POST request.
CVE-2024-27572 ↗	Mar 1, 2024Friday, 1 March 2024, 14:15	7.5 HIGH	—
LBT T300-T390 v2.2.1.8 were discovered to contain a stack overflow via the ApCliSsid parameter in the updateCurAPlist function. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted POST request.