ZDI-24-072 (zdi)
Claroty Research - Vera Mens, Noam Moshe, Uri Katz, Sharon Brizinov
Jan 15, 2024 - 12:00 a.m.

Synology RT6600ax Qualcomm LDB Service Improper Input Validation Remote Code Execution Vulnerability

www.zerodayinitiative.com
vulnerability
network-adjacent
synology rt6600ax
qualcomm
ldb service
improper input validation
remote code execution

AI Score: 7.5 (Confidence: High)

EPSS: 0.001 (Percentile: 47.6%)

This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of Synology RT6600ax routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the Qualcomm LDB service. The issue results from the lack of proper validation of user-supplied data prior to further processing. An attacker can leverage this vulnerability to execute code in the context of root.
