Description

nodemcu before v3.0.0-release_20240225 was discovered to contain an integer overflow via the getnum function at /modules/struct.c.

INFO

Published Date :

2024-11-29T00:00:00.000Z

Last Modified :

2024-12-04T16:57:21.153Z

Source :

mitre
AFFECTED PRODUCTS

The following products are affected by CVE-2024-36671 vulnerability.

Vendors Products
Nodemcu
  • Nodemcu
REFERENCES

Here, you will find a curated list of external links that provide in-depth information to CVE-2024-36671.

URL Resource
https://github.com/nodemcu/nodemcu-firmware/commit/193fe3593eb1537667179089535cdb7457327887#diff-5c3fa597431eda03ac3339ae6bf7f05e1a50d6fc7333679ec38e21b337cb6721 cve-icon cve-icon
https://github.com/nodemcu/nodemcu-firmware/issues/3626 cve-icon cve-icon
https://github.com/nodemcu/nodemcu-firmware/pull/3633 cve-icon cve-icon
https://github.com/nodemcu/nodemcu-firmware/pull/3634 cve-icon cve-icon
https://github.com/nodemcu/nodemcu-firmware/pull/3635 cve-icon cve-icon
Login to claim this CVE

CVSS Vulnerability Scoring System

Detailed values of each vector for above chart.
Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality Impact
Integrity Impact
Availability Impact