How severe is CVE-2024-28038?

This vulnerability has a severity rating of CRITICAL with a CVSS score of 9 out of 10.

What type of vulnerability is CVE-2024-28038?

This is classified as CWE-121, which is a common weakness in software security.

CVE-2024-28038

CRITICAL Year: 2024

CVSS v3 Score

9.0

Critical

Weakness Type

CWE-121

View all →

Vulnerability Description

The web interface of the affected devices processes a cookie value improperly, leading to a stack buffer overflow. More precisely, giving too long character string to MFPSESSIONID parameter results in a stack buffer overflow. As for the details of affected product names, model numbers, and versions, refer to the information provided by the respective vendors listed under [References].

CVE-2022-29496

CRITICAL

CVSS:9.0(Critical)

A stack-based buffer overflow vulnerability exists in the BlynkConsole.h runCommand functionality of Blynk -Library v1.0.1. A specially-crafted network request can lead to command execution. An attack...

CWE-1212022

CVE-2023-50734

CRITICAL

CVSS:9.0(Critical)

A buffer overflow vulnerability has been identified in PostScript interpreter in various Lexmark devices. The vulnerability can be leveraged by an attacker to execute arbitrary code.

CWE-1212023

CVE-2025-0282

CRITICAL

CVSS:9.0(Critical)

A stack-based buffer overflow in Ivanti Connect Secure before version 22.7R2.5, Ivanti Policy Secure before version 22.7R1.2, and Ivanti Neurons for ZTA gateways before version 22.7R2.3 allows a remot...

CWE-1212025

CVE-2021-21887

CRITICAL

CVSS:9.1(Critical)

A stack-based buffer overflow vulnerability exists in the Web Manager SslGenerateCSR functionality of Lantronix PremierWave 2050 8.9.0.0R4 (in QEMU). A specially crafted HTTP request can lead to remot...

CWE-1212021

CVE-2021-21890

CRITICAL

CVSS:9.1(Critical)

A stack-based buffer overflow vulnerability exists in the Web Manager FsBrowseClean functionality of Lantronix PremierWave 2050 8.9.0.0R4 (in QEMU). A specially crafted HTTP request can lead to remote...

CWE-1212021