CVE-2024-51138

CRITICAL
Published Feb 27, 2025 Modified May 28, 2025 CWE-121

Description

Vigor165/166 4.2.7 and earlier; Vigor2620/LTE200 3.9.8.9 and earlier; Vigor2860/2925 3.9.8 and earlier; Vigor2862/2926 3.9.9.5 and earlier; Vigor2133/2762/2832 3.9.9 and earlier; Vigor2135/2765/2766 4.4.5. and earlier; Vigor2865/2866/2927 4.4.5.3 and earlier; Vigor2962 4.3.2.8 and earlier; Vigor3912 4.3.6.1 and earlier; Vigor3910 4.4.3.1 and earlier a stack-based buffer overflow vulnerability has been identified in the URL parsing functionality of the TR069 STUN server. This flaw occurs due to insufficient bounds checking on the amount of URL parameters, allowing an attacker to exploit the overflow by sending a maliciously crafted request. Consequently, a remote attacker can execute arbitrary code with elevated privileges.

Is your site exposed to CVE-2024-51138?

Run a free security scan — no signup, results in seconds.

CVSS v3.1 Score

9.8
CRITICAL
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Weakness Type (CWE)

CWE-121 CWE-121

Affected Products

Vendor Product
draytek vigor3912_firmware
draytek vigor3912
draytek vigor2620_firmware
draytek vigor2620
draytek vigorlte200_firmware
draytek vigorlte200
draytek vigor2860_firmware
draytek vigor2860
draytek vigor2925_firmware
draytek vigor2925
draytek vigor2862_firmware
draytek vigor2862
draytek vigor2926_firmware
draytek vigor2926
draytek vigor2133_firmware
draytek vigor2133
draytek vigor2762_firmware
draytek vigor2762
draytek vigor2832_firmware
draytek vigor2832
draytek vigor2135_firmware
draytek vigor2135
draytek vigor2765_firmware
draytek vigor2765
draytek vigor2766_firmware
draytek vigor2766
draytek vigor2763_firmware
draytek vigor2763
draytek vigor2865_firmware
draytek vigor2865
draytek vigor2866_firmware
draytek vigor2866
draytek vigor2927_firmware
draytek vigor2927
draytek vigor2962_firmware
draytek vigor2962_firmware
draytek vigor2962
draytek vigor3910_firmware
draytek vigor3910_firmware
draytek vigor3910
draytek vigor2915_firmware
draytek vigor2915
draytek vigor1000b_firmware
draytek vigor1000b
draytek vigor2952_firmware
draytek vigor2952
draytek vigor3220_firmware
draytek vigor3220

References

Frequently Asked Questions

What is CVE-2024-51138? +
Vigor165/166 4.2.7 and earlier; Vigor2620/LTE200 3.9.8.9 and earlier; Vigor2860/2925 3.9.8 and earlier; Vigor2862/2926 3.9.9.5 and earlier; Vigor2133/2762/2832 3.9.9 and earlier; Vigor2135/2765/2766 4.4.5. and earlier; Vigor2865/2866/2927 4.4.5.3 and earlier; Vigor2962 4.3.2.8 and earlier; Vigor3912 4.3.6.1 and earlier; Vigor3910 4.4.3.1 and earlier a stack-based buffer overflow vulnerability has been identified in the URL parsing functionality of the TR069 STUN server. This flaw occurs due to insufficient bounds checking on the amount of URL parameters, allowing an attacker to exploit the overflow by sending a maliciously crafted request. Consequently, a remote attacker can execute arbitrary code with elevated privileges. It has a CVSS v3.1 base score of 9.8 (CRITICAL).
How severe is CVE-2024-51138? +
CVE-2024-51138 has a CVSS v3.1 score of 9.8 out of 10, rated CRITICAL. This is a critical vulnerability that should be patched immediately.
What products are affected by CVE-2024-51138? +
CVE-2024-51138 affects products from draytek, specifically: vigor1000b, vigor1000b_firmware, vigor2133, vigor2133_firmware, vigor2135, vigor2135_firmware, vigor2620, vigor2620_firmware, vigor2762, vigor2762_firmware, vigor2763, vigor2763_firmware, vigor2765, vigor2765_firmware, vigor2766, vigor2766_firmware, vigor2832, vigor2832_firmware, vigor2860, vigor2860_firmware, vigor2862, vigor2862_firmware, vigor2865, vigor2865_firmware, vigor2866, vigor2866_firmware, vigor2915, vigor2915_firmware, vigor2925, vigor2925_firmware, vigor2926, vigor2926_firmware, vigor2927, vigor2927_firmware, vigor2952, vigor2952_firmware, vigor2962, vigor2962_firmware, vigor3220, vigor3220_firmware, vigor3910, vigor3910_firmware, vigor3912, vigor3912_firmware, vigorlte200, vigorlte200_firmware. Check the affected products table above for specific version ranges.
How do I check if I'm vulnerable to CVE-2024-51138? +
You can use Secably's free Website Scanner to check your website for known vulnerabilities. For infrastructure scanning, use the Port Scanner to identify exposed services that may be affected. Check the vendor advisories linked above for specific patch and version information.

Related Vulnerabilities

Don't wait for an exploit

Scan your website for vulnerabilities like CVE-2024-51138 — free, no signup required.