CVE-2024-2811 | Tenda AC15 15.03.20_multi /goform/WifiWpsStart formWifiWpsStart index stack-based overflow

Inserito da Angelo Barbosa | Mar 21, 2024 | CVE

A vulnerability was found in Tenda AC15 15.03.20_multi and classified as critical. Affected by this issue is the function formWifiWpsStart of the file /goform/WifiWpsStart. The manipulation of the argument index leads to stack-based buffer overflow.

This vulnerability is handled as CVE-2024-2811. The attack may be launched remotely. Furthermore, there is an exploit available.

The vendor was contacted early about this disclosure but did not respond in any way.

CVE-2024-2811 | Tenda AC15 15.03.20_multi /goform/WifiWpsStart formWifiWpsStart index stack-based overflow

Post correlati

CVE-2024-33693 | Meks Smart Social Widget Plugin up to 1.6.4 on WordPress cross site scripting

CVE-2024-7618 | PeepSo Community Plugin up to 6.4.5.0 on WordPress content cross site scripting

CVE-2024-2385 | Livemesh Elementor Addons Plugin up to 8.3.7 on WordPress Widgets file inclusion

CVE-2024-28714 | ZhongBangKeJi CRMEB 1.3.4 groupid sql injection