CVE-2024-10750 | Tenda i22 1.0.0.3(4687) SysToo websReadEvent Content-Length null pointer dereference

Inserito da Angelo Barbosa | Nov 3, 2024 | CVE

A vulnerability has been found in Tenda i22 1.0.0.3(4687) and classified as problematic. Affected by this vulnerability is the function websReadEvent of the file /goform/GetIPTV?fgHPOST/goform/SysToo. The manipulation of the argument Content-Length leads to null pointer dereference.

This vulnerability is known as CVE-2024-10750. The attack can be launched remotely. Furthermore, there is an exploit available.

CVE-2024-10750 | Tenda i22 1.0.0.3(4687) SysToo websReadEvent Content-Length null pointer dereference

Post correlati

CVE-2024-5803 | AVG/Avast Antivirus up to 24.0 COM AVGUI.exe toctou

CVE-2024-20523 | Cisco RV042/RV042G/RV320/RV325 up to 4.2.3.14 Web-based Management Interface stack-based overflow (cisco-sa-sb-rv04x_rv32x_vulns-yJ2OSDhV)

CVE-2023-49557 | YASM 1.3.0.86.g9def libyasm/section.c yasm_section_bcs_first denial of service (Issue 253)

CVE-2024-2500 | ColorMag Plugin up to 3.1.6 on WordPress Display Name cross site scripting