We use these services and cookies to improve your user experience. You may opt out if you wish, however, this may limit some features on this site.
Please see our statement on Data Privacy.
Assigner | talos |
Reserved | 2023-11-30 |
Published | 2024-07-08 |
Updated | 2024-08-02 |
A firmware update vulnerability exists in the boa formUpload functionality of Realtek rtl819x Jungle SDK v3.4.11. A specially crafted network packets can lead to arbitrary firmware update. An attacker can provide a malicious file to trigger this vulnerability.
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H |
CWE-347: Improper Verification of Cryptographic Signature
Discovered by Francesco Benvenuto of Cisco Talos.
https://talosintelligence.com/vulnerability_reports/TALOS-2023-1874