CVE-2024-0535 | Tenda PA6 1.0.1.21 httpd /portmap cgiPortMapAdd groupName stack-based overflow

Inserito da Angelo Barbosa | Gen 14, 2024 | CVE

A vulnerability classified as critical was found in Tenda PA6 1.0.1.21. Affected by this vulnerability is the function cgiPortMapAdd of the file /portmap of the component httpd. The manipulation of the argument groupName leads to stack-based buffer overflow.

This vulnerability is known as CVE-2024-0535. The attack can be launched remotely. Furthermore, there is an exploit available.

The vendor was contacted early about this disclosure but did not respond in any way.

CVE-2024-0535 | Tenda PA6 1.0.1.21 httpd /portmap cgiPortMapAdd groupName stack-based overflow

Post correlati

CVE-2024-40718 | Veeam Backup for Nutanix AHV server-side request forgery (kb4649)

CVE-2024-43283 | Contest Gallery Plugin up to 23.1.2 on WordPress information disclosure

CVE-2024-3160 | Intelbras HDCVI 1016 up to 20240401 HTTP GET Request /cap.js information disclosure

CVE-2024-32136 | Xenioushk BWL Advanced FAQ Manager Plugin up to 2.0.3 on WordPress sql injection