CVE-2024-0928 | Tenda AC10U 15.03.06.49_multi_TDE01 fromDhcpListClient page/listN stack-based overflow

Inserito da Angelo Barbosa | Gen 26, 2024 | CVE

A vulnerability was found in Tenda AC10U 15.03.06.49_multi_TDE01. It has been declared as critical. Affected by this vulnerability is the function fromDhcpListClient. The manipulation of the argument page/listN leads to stack-based buffer overflow.

This vulnerability is known as CVE-2024-0928. The attack can be launched remotely. Furthermore, there is an exploit available.

The vendor was contacted early about this disclosure but did not respond in any way.

CVE-2024-0928 | Tenda AC10U 15.03.06.49_multi_TDE01 fromDhcpListClient page/listN stack-based overflow

Post correlati

CVE-2024-33326 | Lumisxp 15.0.x/16.1.x XsltResultControllerHtml.jsp lumPageID cross site scripting

CVE-2024-48921 | Kyverno up to 1.12.x on Kubernetes improper authorization

CVE-2024-7931 | SourceCodester Online Graduate Tracer System 1.0 view_csprofile.php id sql injection

CVE-2024-36737 | Oneflow 0.9.1 oneflow.full denial of service