CVE-2024-34087

Name of the Vulnerable Software and Affected Versions BPQ32 version 6.0.24.1

Description The issue is related to an SEH-based buffer overflow in the BPQ32 HTTP Server, allowing remote attackers with access to the Web Terminal to achieve remote code execution via an HTTP POST /TermInput request.

Recommendations For BPQ32 version 6.0.24.1, upgrade to version 6.0.24.2 to mitigate risks. As a temporary workaround, consider restricting access to the Web Terminal to minimize the risk of exploitation. Avoid using the vulnerable HTTP POST /TermInput request until the issue is resolved.