CVE-2024-4167 | Tenda 4G300 1.01.42 sub_422AA4 year/month/day/hour/minute/second stack-based overflow

Inserito da Angelo Barbosa | Apr 25, 2024 | CVE

A vulnerability was found in Tenda 4G300 1.01.42 and classified as critical. Affected by this issue is the function sub_422AA4. The manipulation of the argument year/month/day/hour/minute/second leads to stack-based buffer overflow.

This vulnerability is handled as CVE-2024-4167. The attack may be launched remotely. There is no exploit available.

The vendor was contacted early about this disclosure but did not respond in any way.

CVE-2024-4167 | Tenda 4G300 1.01.42 sub_422AA4 year/month/day/hour/minute/second stack-based overflow

Post correlati

CVE-2023-32890 | MediaTek MT2731/MT6767/MT6768/MT6769/MT6769T/MT6769Z/MT8786 Modem EMM denial of service (MOLY01183647)

CVE-2024-5228 | TP-Link Omada ER605 heap-based overflow

CVE-2024-27507 | libLAS 1.8.1 /libLAS/apps/ts2las.cpp memory leak

CVE-2024-5991 | wolfSSL up to 5.7.0 MatchDomainName out-of-bounds