CVE-2024-0537 | Tenda W9 1.0.0.7(4456) httpd setWrlBasicInfo ssidIndex stack-based overflow

Inserito da Angelo Barbosa | Gen 14, 2024 | CVE

A vulnerability, which was classified as critical, was found in Tenda W9 1.0.0.7(4456). This affects the function setWrlBasicInfo of the component httpd. The manipulation of the argument ssidIndex leads to stack-based buffer overflow.

This vulnerability is uniquely identified as CVE-2024-0537. It is possible to initiate the attack remotely. Furthermore, there is an exploit available.

The vendor was contacted early about this disclosure but did not respond in any way.

CVE-2024-0537 | Tenda W9 1.0.0.7(4456) httpd setWrlBasicInfo ssidIndex stack-based overflow

Post correlati

CVE-2024-6084 | itsourcecode Pool of Bethesda Online Reservation System up to 1.0 controller.php uploadImage image unrestricted upload

CVE-2024-36075 | Netwrix CoSoSys Endpoint Protector/CoSoSys Unify Application Configuration improper authentication

CVE-2024-22338 | IBM Security Verify Access OIDC Provider up to 23.03 information disclosure (XFDB-279978)

CVE-2024-3941 | reCAPTCHA Jetpack Plugin up to 0.2.2 on WordPress cross site scripting