CVE-2024-4065 | Tenda AC8 16.03.34.09 /goform/SetRebootTimer formSetRebootTimer rebootTime stack-based overflow

Inserito da Angelo Barbosa | Apr 23, 2024 | CVE

A vulnerability was found in Tenda AC8 16.03.34.09. It has been rated as critical. This issue affects the function formSetRebootTimer of the file /goform/SetRebootTimer. The manipulation of the argument rebootTime leads to stack-based buffer overflow.

The identification of this vulnerability is CVE-2024-4065. The attack may be initiated remotely. Furthermore, there is an exploit available.

The vendor was contacted early about this disclosure but did not respond in any way.

CVE-2024-4065 | Tenda AC8 16.03.34.09 /goform/SetRebootTimer formSetRebootTimer rebootTime stack-based overflow

Post correlati

CVE-2024-29141 | PDF Embedder Plugin up to 4.6.4 on WordPress cross site scripting

CVE-2024-50560 | Siemens RUGGEDCOM RM1224 LTE(4G) EU up to 8.1 input validation (ssa-354112)

CVE-2024-30592 | Tenda FH1202 1.2.0.14(408) /goform/addressNat fromAddressNat page stack-based overflow

CVE-2024-23136 | Autodesk AutoCAD/Advance Steel/Civil 3D STP File ASMKERN228A.dll untrusted pointer dereference