FW-WGS-804HPT Stack Overflow Vulnerability in Web ACL IPv4-Based ACE Addition Function

Vulnerability

A stack overflow vulnerability has been identified in FW-WGS-804HPT version 1.305b241111. The issue arises in the web_acl_ipv4BasedAceAdd function, where the ipv4Aclkey parameter is improperly handled, leading to a stack overflow condition.

Impact

Exploitation of this vulnerability causes a stack overflow, which can potentially be leveraged to execute arbitrary code or cause a denial-of-service condition by crashing the device.

Added: Jun 9, 2025, 7:46 PM

Updated: Jun 9, 2025, 7:46 PM

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

2.5

exploitability

8.7

remediation

0.0

relevance

0.0

threat

6.4

urgency

2.9

incentive

5.8

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

2.5

exploitability

8.7

remediation

0.0

relevance

0.0

threat

6.4

urgency

2.9

incentive

5.8

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

FW-WGS-804HPT Stack Overflow Vulnerability in Web ACL IPv4-Based ACE Addition Function

Vulnerability

Impact

Affected Products

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating