CVE-2024-23985

EUVD-2024-21411
EzServer 6.4.017 allows a denial of service (daemon crash) via a long string, such as one for the RNTO command.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
7.5 HIGH
NETWORK
LOW
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
CISA-ADPADP
7.5 HIGH
NETWORK
LOW
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Base Score
CVSS 3.x
EPSS Score
Percentile: 96%
Affected Products (NVD)
VendorProductVersion
ezhometechezserver
6.4.017
𝑥
= Vulnerable software versions
References
https://packetstormsecurity.com/files/176663/EzServer-6.4.017-Denial-Of-Service.html
https://packetstormsecurity.com/files/176663/EzServer-6.4.017-Denial-Of-Service.html