PT-2025-9025 · Draytek · Vigor2860/2925+8

Published: 2025-02-27 · Updated: 2025-04-02 · CVE-2024-51139

CVSS v3.1: 9.8 (Critical)

Vector: AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions

Vigor2620/LTE200 versions 3.9.8.9 and earlier
Vigor2860/2925 versions 3.9.8 and earlier
Vigor2862/2926 versions 3.9.9.5 and earlier
Vigor2133/2762/2832 versions 3.9.9 and earlier
Vigor165/166 versions 4.2.7 and earlier
Vigor2135/2765/2766 versions 4.4.5.1 and earlier
Vigor2865/2866/2927 versions 4.4.5.3 and earlier
Vigor2962/3910 versions 4.3.2.8/4.4.3.1 and earlier
Vigor3912 versions 4.3.6.1 and earlier

Description

A buffer overflow exists in the CGI parser's handling of the Content-Length header of HTTP POST requests, allowing a remote attacker to execute arbitrary code.

Recommendations

For Vigor2620/LTE200 versions 3.9.8.9 and earlier, update to a version later than 3.9.8.9.
For Vigor2860/2925 versions 3.9.8 and earlier, update to a version later than 3.9.8.
For Vigor2862/2926 versions 3.9.9.5 and earlier, update to a version later than 3.9.9.5.
For Vigor2133/2762/2832 versions 3.9.9 and earlier, update to a version later than 3.9.9.
For Vigor165/166 versions 4.2.7 and earlier, update to a version later than 4.2.7.
For Vigor2135/2765/2766 versions 4.4.5.1 and earlier, update to a version later than 4.4.5.1.
For Vigor2865/2866/2927 versions 4.4.5.3 and earlier, update to a version later than 4.4.5.3.
For Vigor2962/3910 versions 4.3.2.8/4.4.3.1 and earlier, update to a version later than 4.3.2.8/4.4.3.1.
For Vigor3912 versions 4.3.6.1 and earlier, update to a version later than 4.3.6.1.

Fix

Buffer Overflow

Weakness Enumeration

Related Identifiers

CVE-2024-51139

Affected Products

Vigor165/166
Vigor2133/2762/2832
Vigor2135/2765/2766
Vigor2620/LTE200
Vigor2860/2925
Vigor2862/2926
Vigor2865/2866/2927
Vigor2962/3910
Vigor3912