The HTTPD binary in multiple ZTE routers has a stack-based buffer overflow vulnerability in check_data_integrity function. This function is responsible for validating the checksum of data in post request. The checksum is sent encrypted in the request, the function decrypts it and stores the checksum on the stack without validating it. An unauthenticated attacker can get RCE as root by exploiting this vulnerability.
                
            Metrics
Affected Vendors & Products
References
        History
                    Sun, 13 Jul 2025 13:45:00 +0000
| Type | Values Removed | Values Added | 
|---|---|---|
| Metrics | epss 
 | epss 
 | 
Wed, 18 Sep 2024 16:30:00 +0000
| Type | Values Removed | Values Added | 
|---|---|---|
| First Time appeared | Zte Zte zxhn E1600 Firmware Zte zxhn E2603 Firmware Zte zxhn E2615 Firmware Zte zxhn E2618 Firmware Zte zxhn E500 Firmware Zte zxhn H108n Firmware Zte zxhn H168a Firmware Zte zxhn H168n Firmware Zte zxhn H338a Firmware Zte zxhn Z500 Firmware | |
| Weaknesses | CWE-121 | |
| CPEs | cpe:2.3:o:zte:zxhn_e1600_firmware:*:*:*:*:*:*:*:* cpe:2.3:o:zte:zxhn_e2603_firmware:*:*:*:*:*:*:*:* cpe:2.3:o:zte:zxhn_e2615_firmware:*:*:*:*:*:*:*:* cpe:2.3:o:zte:zxhn_e2618_firmware:*:*:*:*:*:*:*:* cpe:2.3:o:zte:zxhn_e500_firmware:*:*:*:*:*:*:*:* cpe:2.3:o:zte:zxhn_h108n_firmware:*:*:*:*:*:*:*:* cpe:2.3:o:zte:zxhn_h168a_firmware:*:*:*:*:*:*:*:* cpe:2.3:o:zte:zxhn_h168n_firmware:*:*:*:*:*:*:*:* cpe:2.3:o:zte:zxhn_h338a_firmware:*:*:*:*:*:*:*:* cpe:2.3:o:zte:zxhn_z500_firmware:*:*:*:*:*:*:*:* | |
| Vendors & Products | Zte Zte zxhn E1600 Firmware Zte zxhn E2603 Firmware Zte zxhn E2615 Firmware Zte zxhn E2618 Firmware Zte zxhn E500 Firmware Zte zxhn H108n Firmware Zte zxhn H168a Firmware Zte zxhn H168n Firmware Zte zxhn H338a Firmware Zte zxhn Z500 Firmware | |
| Metrics | cvssV3_1 
 
 | 
Mon, 16 Sep 2024 20:30:00 +0000
| Type | Values Removed | Values Added | 
|---|---|---|
| Description | The HTTPD binary in multiple ZTE routers has a stack-based buffer overflow vulnerability in check_data_integrity function. This function is responsible for validating the checksum of data in post request. The checksum is sent encrypted in the request, the function decrypts it and stores the checksum on the stack without validating it. An unauthenticated attacker can get RCE as root by exploiting this vulnerability. | |
| References |  | 
 MITRE
                        MITRE
                    Status: PUBLISHED
Assigner: mitre
Published: 2024-09-16T00:00:00
Updated: 2024-09-18T15:23:17.587Z
Reserved: 2024-08-28T00:00:00
Link: CVE-2024-45415
 Vulnrichment
                        Vulnrichment
                    Updated: 2024-09-18T15:20:29.294Z
 NVD
                        NVD
                    Status : Awaiting Analysis
Published: 2024-09-16T21:15:45.943
Modified: 2024-09-20T12:31:20.110
Link: CVE-2024-45415
 Redhat
                        Redhat
                    No data.