ID
VAR-202308-3394
CVE
CVE-2023-41028
TITLE
Juplink of RX4-1500 Out-of-bounds write vulnerability in firmware
Trust: 0.8
sources:
JVNDB: JVNDB-2023-011864
DESCRIPTION
A stack-based buffer overflow exists in Juplink RX4-1500, a WiFi router, in versions 1.0.2 through 1.0.5. An authenticated attacker can exploit this vulnerability to achieve code execution as root. Juplink of RX4-1500 An out-of-bounds write vulnerability exists in firmware.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state
Trust: 1.71
sources:
NVD: CVE-2023-41028 //
JVNDB: JVNDB-2023-011864 //
VULMON: CVE-2023-41028
AFFECTED PRODUCTS
| vendor: | juplink | model: | rx4-1500 | scope: | lte | version: | 1.0.5 | Trust: 1.0 |
| vendor: | juplink | model: | rx4-1500 | scope: | gte | version: | 1.0.2 | Trust: 1.0 |
| vendor: | juplink | model: | rx4-1500 | scope: | eq | version: | rx4-1500 firmware 1.0.2 to 1.0.5 | Trust: 0.8 |
| vendor: | juplink | model: | rx4-1500 | scope: | - | version: | - | Trust: 0.8 |
| vendor: | juplink | model: | rx4-1500 | scope: | eq | version: | - | Trust: 0.8 |
sources:
JVNDB: JVNDB-2023-011864 //
NVD: CVE-2023-41028
CVSS
SEVERITY | CVSSV2 | CVSSV3 | ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
|
sources:
JVNDB: JVNDB-2023-011864 //
NVD: CVE-2023-41028 //
NVD: CVE-2023-41028
PROBLEMTYPE DATA
| problemtype: | CWE-121 | Trust: 1.0 |
| problemtype: | CWE-787 | Trust: 1.0 |
| problemtype: | Out-of-bounds writing (CWE-787) [NVD evaluation ] | Trust: 0.8 |
sources:
JVNDB: JVNDB-2023-011864 //
NVD: CVE-2023-41028
EXTERNAL IDS
| db: | NVD | id: | CVE-2023-41028 | Trust: 2.7 |
| db: | JVNDB | id: | JVNDB-2023-011864 | Trust: 0.8 |
| db: | VULMON | id: | CVE-2023-41028 | Trust: 0.1 |
sources:
VULMON: CVE-2023-41028 //
JVNDB: JVNDB-2023-011864 //
NVD: CVE-2023-41028
REFERENCES
| url: | https://blog.exodusintel.com/2023/08/23/juplink-rx4-1500-stack-based-buffer-overflow-vulnerability/ | Trust: 1.9 |
| url: | https://nvd.nist.gov/vuln/detail/cve-2023-41028 | Trust: 0.8 |
| url: | https://nvd.nist.gov | Trust: 0.1 |
sources:
VULMON: CVE-2023-41028 //
JVNDB: JVNDB-2023-011864 //
NVD: CVE-2023-41028
SOURCES
| db: | VULMON | id: | CVE-2023-41028 |
| db: | JVNDB | id: | JVNDB-2023-011864 |
| db: | NVD | id: | CVE-2023-41028 |
LAST UPDATE DATE
2024-08-14T15:26:26.585000+00:00
SOURCES UPDATE DATE
| db: | VULMON | id: | CVE-2023-41028 | date: | 2023-08-24T00:00:00 |
| db: | JVNDB | id: | JVNDB-2023-011864 | date: | 2023-12-14T06:49:00 |
| db: | NVD | id: | CVE-2023-41028 | date: | 2023-09-01T17:31:30.300 |
SOURCES RELEASE DATE
| db: | VULMON | id: | CVE-2023-41028 | date: | 2023-08-23T00:00:00 |
| db: | JVNDB | id: | JVNDB-2023-011864 | date: | 2023-12-14T00:00:00 |
| db: | NVD | id: | CVE-2023-41028 | date: | 2023-08-23T22:15:09.077 |