CVE-2024-6143

Name of the Vulnerable Software and Affected Versions Actiontec WCB6200Q (affected versions not specified)

Description The issue is related to a buffer overflow vulnerability in the uh tcp recv header() function of the HTTP server in the Actiontec WCB6200Q Wi-Fi range extender microprogram. This vulnerability is caused by the lack of proper validation of the length of user-supplied data prior to copying it to a fixed-length buffer. An attacker can leverage this vulnerability to execute code in the context of the HTTP server. The vulnerability can be exploited remotely by network-adjacent attackers without requiring authentication.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.