CVE-2024-7490
Severity:
Pending analysis
Type:
CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
Publication date:
08/08/2024
Last modified:
08/08/2024
Description
Improper Input Validation vulnerability in Microchip Techology Advanced Software Framework example DHCP server can cause remote code execution through a buffer overflow.<br />
This vulnerability is associated with program files tinydhcpserver.C and program routines lwip_dhcp_find_option.<br />
<br />
This issue affects Advanced Software Framework: through 3.52.0.2574.<br />
<br />
<br />
ASF is no longer being supported. Apply provided workaround or migrate to an actively maintained framework.