CVE-2024-2979 | Tenda F1203 2.0.1.6 /goform/openSchedWifi setSchedWifi schedStartTime/schedEndTime stack-based overflow

Inserito da Angelo Barbosa | Mar 27, 2024 | CVE

A vulnerability classified as critical was found in Tenda F1203 2.0.1.6. This vulnerability affects the function setSchedWifi of the file /goform/openSchedWifi. The manipulation of the argument schedStartTime/schedEndTime leads to stack-based buffer overflow.

This vulnerability was named CVE-2024-2979. The attack can be initiated remotely. Furthermore, there is an exploit available.

The vendor was contacted early about this disclosure but did not respond in any way.

CVE-2024-2979 | Tenda F1203 2.0.1.6 /goform/openSchedWifi setSchedWifi schedStartTime/schedEndTime stack-based overflow

Post correlati

CVE-2024-33809 | PingCAP TiDB 7.5.1 buffer overflow (Issue 52159)

CVE-2024-7188 | Bylancer Quicklancer 2.4 GET Parameter /listing range2 sql injection

CVE-2024-9039 | SourceCodester Best House Rental Management System 1.0 /ajax.php firstname/lastname/email sql injection

CVE-2023-25646 | ZTE ZXHN H388X V10.1 AGZHM_1.3.1 Serial Port permissions