CVE-2024-34087 Information

Description

An SEH-based buffer overflow in the BPQ32 HTTP Server in BPQ32 6.0.24.1 allows remote attackers with access to the Web Terminal to achieve remote code execution via an HTTP POST /TermInput request.

Reference

https://themodernham.com/bbs-hacking-discovering-rce-within-bpq32-seh-based-buffer-overflow/ https://groups.io/g/bpq32 https://www.cantab.net/users/john.wiseman/Documents/ https://www.youtube.com/%40ModernHam