fkie_cve-2024-51979
Vulnerability from fkie_nvd
Published
2025-06-25 08:15
Modified
2025-06-26 18:58
Severity ?
7.2 (High) - CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
Summary
An authenticated attacker may trigger a stack based buffer overflow by performing a malformed request to either the HTTP service (TCP port 80), the HTTPS service (TCP port 443), or the IPP service (TCP port 631). The malformed request will contain an empty Origin header value and a malformed Referer header value. The Referer header value will trigger a stack based buffer overflow when the host value in the Referer header is processed and is greater than 64 bytes in length.
References
cve@rapid7.comhttps://assets.contentstack.io/v3/assets/blte4f029e766e6b253/blt6495b3c6adf2867f/685aa980a26c5e2b1026969c/vulnerability-disclosure-whitepaper.pdf
cve@rapid7.comhttps://github.com/sfewer-r7/BrotherVulnerabilities
cve@rapid7.comhttps://support.brother.com/g/b/link.aspx?prod=group2&faqid=faq00100846_000
cve@rapid7.comhttps://support.brother.com/g/b/link.aspx?prod=group2&faqid=faq00100848_000
cve@rapid7.comhttps://support.brother.com/g/b/link.aspx?prod=lmgroup1&faqid=faqp00100620_000
cve@rapid7.comhttps://www.fujifilm.com/fbglobal/eng/company/news/notice/2025/0625_announce.html
cve@rapid7.comhttps://www.konicaminolta.com/global-en/security/advisory/pdf/km-2025-0001.pdf
cve@rapid7.comhttps://www.rapid7.com/blog/post/multiple-brother-devices-multiple-vulnerabilities-fixed
cve@rapid7.comhttps://www.ricoh.com/products/security/vulnerabilities/vul?id=ricoh-2025-000007
134c704f-9b21-4f2e-91b3-4a467353bcc0https://assets.contentstack.io/v3/assets/blte4f029e766e6b253/blt6495b3c6adf2867f/685aa980a26c5e2b1026969c/vulnerability-disclosure-whitepaper.pdf
Impacted products
Vendor Product Version


To clipboard 

{
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "An authenticated attacker may trigger a stack based buffer overflow by performing a malformed request to either the HTTP service (TCP port 80), the HTTPS service (TCP port 443), or the IPP service (TCP port 631). The malformed request will contain an empty Origin header value and a malformed Referer header value. The Referer header value will trigger a stack based buffer overflow when the host value in the Referer header is processed and is greater than 64 bytes in length."
    },
    {
      "lang": "es",
      "value": "Un atacante autenticado puede provocar un desbordamiento de b\u00fafer basado en la pila mediante una solicitud malformada al servicio HTTP (puerto TCP 80), al servicio HTTPS (puerto TCP 443) o al servicio IPP (puerto TCP 631). La solicitud malformada contendr\u00e1 un valor de encabezado \"Origin\" vac\u00edo y un valor de encabezado \"Referer\" malformado. El valor de encabezado \"Referer\" provocar\u00e1 un desbordamiento de b\u00fafer basado en la pila cuando se procese el valor del host en el encabezado \"Referer\" y tenga una longitud superior a 64 bytes."
    }
  ],
  "id": "CVE-2024-51979",
  "lastModified": "2025-06-26T18:58:14.280",
  "metrics": {
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 7.2,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "HIGH",
          "privilegesRequired": "HIGH",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 1.2,
        "impactScore": 5.9,
        "source": "cve@rapid7.com",
        "type": "Secondary"
      }
    ]
  },
  "published": "2025-06-25T08:15:31.590",
  "references": [
    {
      "source": "cve@rapid7.com",
      "url": "https://assets.contentstack.io/v3/assets/blte4f029e766e6b253/blt6495b3c6adf2867f/685aa980a26c5e2b1026969c/vulnerability-disclosure-whitepaper.pdf"
    },
    {
      "source": "cve@rapid7.com",
      "url": "https://github.com/sfewer-r7/BrotherVulnerabilities"
    },
    {
      "source": "cve@rapid7.com",
      "url": "https://support.brother.com/g/b/link.aspx?prod=group2\u0026faqid=faq00100846_000"
    },
    {
      "source": "cve@rapid7.com",
      "url": "https://support.brother.com/g/b/link.aspx?prod=group2\u0026faqid=faq00100848_000"
    },
    {
      "source": "cve@rapid7.com",
      "url": "https://support.brother.com/g/b/link.aspx?prod=lmgroup1\u0026faqid=faqp00100620_000"
    },
    {
      "source": "cve@rapid7.com",
      "url": "https://www.fujifilm.com/fbglobal/eng/company/news/notice/2025/0625_announce.html"
    },
    {
      "source": "cve@rapid7.com",
      "url": "https://www.konicaminolta.com/global-en/security/advisory/pdf/km-2025-0001.pdf"
    },
    {
      "source": "cve@rapid7.com",
      "url": "https://www.rapid7.com/blog/post/multiple-brother-devices-multiple-vulnerabilities-fixed"
    },
    {
      "source": "cve@rapid7.com",
      "url": "https://www.ricoh.com/products/security/vulnerabilities/vul?id=ricoh-2025-000007"
    },
    {
      "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
      "url": "https://assets.contentstack.io/v3/assets/blte4f029e766e6b253/blt6495b3c6adf2867f/685aa980a26c5e2b1026969c/vulnerability-disclosure-whitepaper.pdf"
    }
  ],
  "sourceIdentifier": "cve@rapid7.com",
  "vulnStatus": "Awaiting Analysis",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-121"
        }
      ],
      "source": "cve@rapid7.com",
      "type": "Secondary"
    }
  ]
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.




Sightings

Author Source Type Date

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
  • Confirmed: The vulnerability is confirmed from an analyst perspective.
  • Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
  • Patched: This vulnerability was successfully patched by the user reporting the sighting.
  • Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
  • Not confirmed: The user expresses doubt about the veracity of the vulnerability.
  • Not patched: This vulnerability was not successfully patched by the user reporting the sighting.