{"id":"CVE-2024-7490","details":"Improper Input Validation vulnerability in Microchip Techology Advanced Software Framework example DHCP server can cause remote code execution through a buffer overflow.\n This vulnerability is associated with program files tinydhcpserver.C and program routines lwip_dhcp_find_option.\n\nThis issue affects Advanced Software Framework: through 3.52.0.2574.\n\n\nASF is no longer being supported. Apply provided workaround or migrate to an actively maintained framework.","modified":"2026-03-14T08:45:19.274192Z","published":"2024-08-08T15:15:19.057Z","references":[{"type":"ADVISORY","url":"https://www.microchip.com/en-us/tools-resources/develop/libraries/advanced-software-framework"},{"type":"ADVISORY","url":"https://www.kb.cert.org/vuls/id/138043"}],"affected":[{"database_specific":{"unresolved_ranges":[{"events":[{"introduced":"0"},{"last_affected":"3.52.0.2574"}]}],"source":"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2024-7490.json"}}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}]}