CVE-2024-54809
Published: 31 March 2025
Description
Adversaries may attempt to exploit a weakness in an Internet-facing host or system to initially access a network.
Security Summary
CVE-2024-54809 is a stack-based buffer overflow vulnerability (CWE-121) in the Netgear WNR854T router version 1.5.2 for North America. The flaw occurs in the parse_st_header function, where a request header parameter is passed to a strncpy call with a size value derived from the input itself, enabling overflow conditions.
An unauthenticated remote attacker can exploit this vulnerability over the network with low complexity and no user interaction required. By sending a specially crafted packet, the attacker can seize control of the program counter, hijack the program's control flow, and execute arbitrary system commands, potentially leading to full device compromise. The vulnerability has a CVSS v3.1 base score of 9.8 (AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H), indicating critical severity with high impacts on confidentiality, integrity, and availability.
Mitigation details are available in the referenced advisory at https://faultpoint.com/post/2025-03-25-8-cves-on-the-wnr854t-junkyard/#809, published in relation to CVE-2024-54809 (CVE published 2025-03-31).
Details
- CWE(s)
Affected Products
MITRE ATT&CK Enterprise Techniques
Why these techniques?
The stack-based buffer overflow enables remote unauthenticated RCE on a public-facing router service by allowing crafted packets to hijack control flow and execute arbitrary commands, directly mapping to exploitation of public-facing applications.