CVE-2024-57541

Name of the Vulnerable Software and Affected Versions Linksys E8450 version 1.2.00.360516

Description The issue is related to a buffer overflow vulnerability. The ipv6 protect status field is copied to the stack without length verification, which can lead to a buffer overflow. This potentially allows attackers to execute arbitrary code on the affected device. The vulnerability is related to the function sub 422eb8 and the use of strncpy without checking the size of the input data.

Recommendations For Linksys E8450 version 1.2.00.360516, as a temporary workaround, consider restricting access to the ipv6 protect status field until a patch is available. Additionally, avoid using the strncpy function without proper length verification to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.