PT-2024-35812 · Apache+1 · Apache Web Server+1
Alain Mowat
·
Published
2024-12-05
·
Updated
2024-12-06
·
CVE-2024-53703
CVSS v3.1
8.1
High
| Vector | AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H |
Name of the Vulnerable Software and Affected Versions
SonicWall SMA100 SSLVPN versions 10.2.1.13-72sv and earlier
Description
A problem in the mod httprp library loaded by the Apache web server allows remote attackers to cause a stack-based buffer overflow, potentially leading to code execution. This issue affects the SonicWall SMA100 SSLVPN firmware.
Recommendations
For versions 10.2.1.13-72sv and earlier, update to a newer version that contains a fix for this issue.
As a temporary workaround, consider restricting access to the mod httprp library until a patch is available.
Fix
Stack Overflow
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Apache Web Server
Sonicwall Sma100 Sslvpn