CVE-2015-2797 : Stack-based buffer overflow in AirTies Air 6372, 5760, 5750, 5650TT, 5453, 5444T

Stack-based buffer overflow in AirTies Air 6372, 5760, 5750, 5650TT, 5453, 5444TT, 5443, 5442, 5343, 5342, 5341, and 5021 DSL modems with firmware 1.0.2.0 and earlier allows remote attackers to execute arbitrary code via a long string in the redirect parameter to cgi-bin/login.

Published 2015-06-19 14:59:00

Updated 2025-04-12 10:46:41

Source MITRE

View at NVD, CVE.org

Vulnerability category: OverflowExecute code

Products affected by CVE-2015-2797

Airties » Air Firmware
Versions up to, including, (<=) 1.0.2.0
cpe:2.3:o:airties:air_firmware:*:*:*:*:*:*:*:*
Matching versions
When used together with: Airties » Air 5021 » Version: N/A
When used together with: Airties » Air 5341 » Version: N/A
When used together with: Airties » Air 5342 » Version: N/A
When used together with: Airties » Air 5343 » Version: N/A
When used together with: Airties » Air 5442 » Version: N/A
When used together with: Airties » Air 5443 » Version: N/A
When used together with: Airties » Air 5444tt » Version: N/A
When used together with: Airties » Air 5453 » Version: N/A
When used together with: Airties » Air 5650tt » Version: N/A
When used together with: Airties » Air 5750 » Version: N/A
When used together with: Airties » Air 5760 » Version: N/A
When used together with: Airties » Air 6372 » Version: N/A

Exploit prediction scoring system (EPSS) score for CVE-2015-2797

EPSS FAQ

77.77%

Probability of exploitation activity in the next 30 days EPSS Score History

~ 99 %

Percentile, the proportion of vulnerabilities that are scored at or less

Metasploit modules for CVE-2015-2797

Airties login-cgi Buffer Overflow

Disclosure Date: 2015-03-31

First seen: 2020-04-26

exploit/linux/http/airties_login_cgi_bof

This module exploits a remote buffer overflow vulnerability on several Airties routers. The vulnerability exists in the handling of HTTP queries to the login cgi with long redirect parameters. The vulnerability doesn't require authentication. This module has been tes

More information

CVSS scores for CVE-2015-2797

Base Score	Base Severity	CVSS Vector	Exploitability Score	Impact Score	Score Source	First Seen
10.0	HIGH	AV:N/AC:L/Au:N/C:C/I:C/A:C	10.0	10.0	NIST
Access Vector: Network Access Complexity: Low Authentication: None Confidentiality Impact: Complete Integrity Impact: Complete Availability Impact: Complete

CWE ids for CVE-2015-2797

CWE-119 Improper Restriction of Operations within the Bounds of a Memory Buffer

The product performs operations on a memory buffer, but it reads from or writes to a memory location outside the buffer's intended boundary. This may result in read or write operations on unexpected memory locations that could be linked to other variables, data structures, or internal program data.

Assigned by: nvd@nist.gov (Primary)

References for CVE-2015-2797

https://www.exploit-db.com/exploits/36577/

Airties Air5650TT - Remote Stack Overflow
Exploit
http://osvdb.org/show/osvdb/120335
http://www.bmicrosystems.com/blog/exploiting-the-airties-air-series/

Exploit
https://www.exploit-db.com/exploits/37170/

Airties - login-cgi Buffer Overflow (Metasploit)
Exploit
http://www.securityfocus.com/bid/75355

Multiple AirTies Air Products CVE-2015-2797 Stack Buffer Overflow Vulnerability

Jump to