Intrusion PreventionAdvantech.EKI-15XX.Series.ntp_name.Buffer.Overflow
Description
This indicates an attack attempt to exploit a Buffer Overflow vulnerability in Advantech EKI-1524, EKI-1522, and EKI-1521.
The vulnerability is due to insufficient sanitizing of user supplied inputs in the application when handling a crafted HTTP request. A remote attacker may be able to exploit this to execute arbitrary code within the context of the application
Affected Products
EKI-1524-CE series Firmware Version 1.21
EKI-1522-CE series Firmware Version 1.21
EKI-1521-CE series Firmware Version 1.21
Impact
System Compromise: Remote attackers can gain control of vulnerable systems.
Recommended Actions
Apply the most recent upgrade or patch from the vendor.
https://www.advantech.com/en/support/details/firmware?id=1-1J9BED3
https://www.advantech.com/en/support/details/firmware?id=1-1J9BECT
https://www.advantech.com/en/support/details/firmware?id=1-1J9BEBL
Telemetry
Coverage
| IPS (Regular DB) | |
| IPS (Extended DB) |
Version Updates
| Date | Version | Detail |
|---|---|---|
| 2024-03-14 | 27.749 |
| ID | 54788 |
| Created | Mar 06, 2024 |
| Updated | Mar 14, 2024 |
| Risk |
|
| CVE ID | CVE-2023-2575 |
| Exploit Prediction Score | 0.17% |
| Default Action | pass |
| Active | |
| Affected OS | Other |
| Affected App | CGI_app |