CVE-2024-2993 | Tenda FH1203 2.0.1.6 /goform/QuickIndex formQuickIndex PPPOEPassword stack-based overflow

Inserito da Angelo Barbosa | Mar 27, 2024 | CVE

A vulnerability was found in Tenda FH1203 2.0.1.6. It has been classified as critical. Affected is the function formQuickIndex of the file /goform/QuickIndex. The manipulation of the argument PPPOEPassword leads to stack-based buffer overflow.

This vulnerability is traded as CVE-2024-2993. It is possible to launch the attack remotely. Furthermore, there is an exploit available.

The vendor was contacted early about this disclosure but did not respond in any way.

CVE-2024-2993 | Tenda FH1203 2.0.1.6 /goform/QuickIndex formQuickIndex PPPOEPassword stack-based overflow

Post correlati

CVE-2024-45233 | Powermail Frontend Plugin up to 12.3.5 on TYPO3 access control

CVE-2024-43454 | Microsoft

CVE-2024-35874 | Linux Kernel up to 6.8.4 aio_complete null pointer dereference (9678bcc6234d/caeb4b0a11b3)

CVE-2024-5225 | berriai litellm api_key sql injection