PT-2023-7944 · Advantech · Eki-1524 +2
S. Dietz +3 · Published 2023-05-08 · Updated 2023-05-12 · CVE-2023-2575
CVSS v2.0: 9.0 (High)
Vector: AV:N/AC:L/Au:S/C:C/I:C/A:C
Name of the Vulnerable Software and Affected Versions
Advantech EKI-1524, EKI-1522, EKI-1521 devices through 1.21
Description
The issue is a stack-based buffer overflow that an authenticated user can trigger with a crafted POST request. It may allow a remote attacker to execute arbitrary code by sending specially formed POST requests.
Recommendations
For Advantech EKI-1524, EKI-1522, EKI-1521 devices through 1.21, consider disabling access to the vulnerable function until a patch is available. Restrict access to the affected devices to minimize the risk of exploitation. Avoid using the vulnerable API endpoint until the issue is resolved. At the moment, there is no information about a newer version that contains a fix for this vulnerability.
Exploit
Memory Corruption
Stack Overflow
Related Identifiers
Affected Products
Eki-1521
Eki-1522
Eki-1524