What is CVE-2023-41028?

CVE-2023-41028 is a critical-severity vulnerability in Juplink Rx4-1500, classified under Stack-based Buffer Overflow. CVSS score: 9.0/10. Published 2023-08-23.

How severe is CVE-2023-41028?

Critical severity. CVSS v3 base score is 9.0 out of 10.

Buffer overflow in Juplink Rx4-1500

CVE-2023-41028

A stack-based buffer overflow exists in Juplink RX4-1500, a WiFi router, in versions 1.0.2 through 1.0.5. An authenticated attacker can exploit this vulnerability to achieve code execution as root.

Vulnerability class: Buffer Overflow

EPSS: 0.001 (34.6th percentile) — read the EPSS interpretation.

CVSS v3 metric

CVSS v3 base score 9.0 (Critical). Vector: CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H.

Affected products

Juplink Rx4-1500 — versions V1.0.2

Weakness classification (CWE)

CWE-121 — Stack-based Buffer Overflow

References

blog.exodusintel.com/2023/08/23/juplink-rx4-1500-stack-based-buffer-overflow-vu…

Frequently asked questions

What is CVE-2023-41028?: CVE-2023-41028 is a critical-severity vulnerability in Juplink Rx4-1500, classified under Stack-based Buffer Overflow. CVSS score: 9.0/10. Published 2023-08-23.
How severe is CVE-2023-41028?: Critical severity. CVSS v3 base score is 9.0 out of 10.