CVE-2024-4168 | Tenda 4G300 1.01.42 sub_4260F0 upfilen stack-based overflow

Inserito da Angelo Barbosa | Apr 25, 2024 | CVE

A vulnerability was found in Tenda 4G300 1.01.42. It has been classified as critical. This affects the function sub_4260F0. The manipulation of the argument upfilen leads to stack-based buffer overflow.

This vulnerability is uniquely identified as CVE-2024-4168. It is possible to initiate the attack remotely. There is no exploit available.

The vendor was contacted early about this disclosure but did not respond in any way.

CVE-2024-4168 | Tenda 4G300 1.01.42 sub_4260F0 upfilen stack-based overflow

Post correlati

CVE-2023-43519 | Qualcomm 4 Gen 1 Mobile Platform Video memory corruption

CVE-2024-5435 | GitLab Enterprise Edition up to 17.1.6/17.2.4/17.3.1 Repository Mirror information exposure (Issue 464044)

CVE-2024-25031 | IBM Storage Defender up to 2.0.4 Resiliency Service excessive authentication (XFDB-281678)

CVE-2024-28319 | GPAC 2.3-DEV-rev921-g422b78ecf-master dash_client.c gf_dash_setup_period out-of-bounds (Issue 2763)