CVE-2024-54809

wnr854t_firmware vulnerability - netgear

Critical CVSS Score: 9.8 Published: 2025-03-31

Description

Netgear Inc WNR854T 1.5.2 (North America) contains a stack-based buffer overflow vulnerability in the parse_st_header function due to use of a request header parameter in a strncpy where size is determined based on the input specified. By sending a specially crafted packet, an attacker can take control of the program counter and hijack control flow of the program to execute arbitrary system commands.

Affected Systems

Vendor	netgear
Product	wnr854t_firmware
Affected Versions	1.5.2; -
CWE ID	CWE-121

Mitigation

Apply the latest security patches from the vendor, restrict network exposure where applicable, and monitor for exploitation attempts.

Fix Instructions

Refer to the vendor advisory and apply the latest security updates. See references for detailed patching instructions.

References

https://faultpoint.com/post/2025-03-25-8-cves-on-the-wnr854t...

Risk Assessment

CVSS: 9.8/10

Exploit Available	Unknown
Patch Available	Unknown

Need Help Patching?

Our security team can help assess and remediate this vulnerability in your environment.

Get Help

Related Vulnerabilities

high

Stay Ahead of Threats

Subscribe to our vulnerability feed and get instant alerts when new CVEs affect your systems.

Start Monitoring

CVE-2024-54809

Description

Affected Systems

Mitigation

Fix Instructions

References

Risk Assessment

Need Help Patching?

Related Vulnerabilities

CVE-2025-4142

CVE-2025-4141

CVE-2025-4140

CVE-2025-4139

CVE-2025-4120

CVE-2025-4116

Stay Ahead of Threats