CVE-2024-57540

Name of the Vulnerable Software and Affected Versions Linksys E8450 version 1.2.00.360516

Description A buffer overflow issue was discovered, where the action field is copied to the stack without length verification. This could allow a remote attacker to impact the confidentiality, integrity, and availability of protected information. The vulnerability is related to the sub 422eb8 function in the Wi-Fi router's firmware.

Recommendations For Linksys E8450 version 1.2.00.360516, consider disabling the sub 422eb8 function as a temporary workaround until a patch is available. Restrict access to the vulnerable module to minimize the risk of exploitation. Avoid using the action field in affected API endpoints until the issue is resolved. At the moment, there is no information about a newer version that contains a fix for this vulnerability.