PT-2024-13829 · Realtek · Realtek Rtl819X Jungle Sdk
Francesco Benvenuto · Published 2024-07-08 · Updated 2024-07-11 · CVE-2023-49867
CVSS v3.1: 7.2 (High)
Vector: AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
Name of the Vulnerable Software and Affected Versions
Realtek rtl819x Jungle SDK version 3.4.11
Description
A stack-based buffer overflow vulnerability exists in the boa formWsc functionality. An attacker can trigger it by sending a specially crafted series of HTTP requests, potentially leading to remote code execution.
Recommendations
For Realtek rtl819x Jungle SDK version 3.4.11, consider disabling the boa formWsc functionality until a patch is available to prevent potential remote code execution. Restrict access to the vulnerable functionality to minimize the risk of exploitation. Avoid using the vulnerable SDK version in production environments until a fixed version is released. At the moment, there is no information about a newer version that contains a fix for this vulnerability.
Memory Corruption
Stack Overflow
Affected Products
Realtek Rtl819X Jungle Sdk