A vulnerability classified as critical has been found in emqx neuron up to 2.10.0. Affected is the function handleaddplugin in the library cmd.library of the file plugins/restful/plugin_handle.c. The manipulation leads to buffer overflow. It is possible to launch the attack remotely. It is recommended to apply a patch to fix this issue.
{
"cna_assigner": "VulDB",
"cwe_ids": [
"CWE-119",
"CWE-120"
],
"osv_generated_from": "https://github.com/CVEProject/cvelistV5/tree/main/cves/2024/10xxx/CVE-2024-10964.json"
}{
"source": [
"AFFECTED_FIELD",
"CPE_RANGE"
],
"extracted_events": [
{
"introduced": "2.0"
},
{
"last_affected": "2.0"
},
{
"introduced": "2.1"
},
{
"last_affected": "2.1"
},
{
"introduced": "2.2"
},
{
"last_affected": "2.2"
},
{
"introduced": "2.3"
},
{
"last_affected": "2.3"
},
{
"introduced": "2.4"
},
{
"last_affected": "2.4"
},
{
"introduced": "2.5"
},
{
"last_affected": "2.5"
},
{
"introduced": "2.6"
},
{
"last_affected": "2.6"
},
{
"introduced": "2.7"
},
{
"last_affected": "2.7"
},
{
"introduced": "2.8"
},
{
"last_affected": "2.8"
},
{
"introduced": "2.9"
},
{
"last_affected": "2.9"
},
{
"introduced": "2.10"
},
{
"last_affected": "2.10"
},
{
"introduced": "0"
},
{
"last_affected": "2.10.0"
}
],
"cpe": "cpe:2.3:a:emqx:neuron:*:*:*:*:*:*:*:*"
}