Vulnerability Monitor

The vendors, products, and vulnerabilities you care about

CVE-2024-54808

Netgear WNR854T 1.5.2 (North America) contains a stack-based buffer overflow vulnerability in the SetDefaultConnectionService function due to an unconstrained use of sscanf. The vulnerability allows for control of the program counter and can be utilized to achieve arbitrary code execution.

Published

2025-03-31T21:15:48.310

Last Modified

2025-04-17T12:55:22.040

Status

Analyzed

Source

[email protected]

Severity

CVSSv3.1: 9.8 (CRITICAL)

Weaknesses

Type: Secondary
CWE-121

Affected Vendors & Products

Type	Vendor	Product	Version/Range	Vulnerable?
Operating System	netgear	wnr854t_firmware	1.5.2	Yes
Hardware	netgear	wnr854t	-	No

References

https://faultpoint.com/post/2025-03-25-8-cves-on-the-wnr854t-junkyard/#808 Exploit, Third Party Advisory ([email protected])