CVE-2024-6962 | Tenda O3 1.0.0.10 formQosSet remark/ipRange/upSpeed/downSpeed/enable stack-based overflow

Inserito da Angelo Barbosa | Lug 21, 2024 | CVE

A vulnerability classified as critical was found in Tenda O3 1.0.0.10. This vulnerability affects the function formQosSet. The manipulation of the argument remark/ipRange/upSpeed/downSpeed/enable leads to stack-based buffer overflow.

This vulnerability was named CVE-2024-6962. The attack can be initiated remotely. Furthermore, there is an exploit available.

The vendor was contacted early about this disclosure but did not respond in any way.

CVE-2024-6962 | Tenda O3 1.0.0.10 formQosSet remark/ipRange/upSpeed/downSpeed/enable stack-based overflow

Post correlati

CVE-2024-36543 | STRIMZI up to 0.41.0 Kafka Connect REST API access control

CVE-2024-29907 | Active Websight SEO Backlink Monitor Plugin up to 1.5.0 on WordPress cross site scripting

CVE-2024-9778 | ImagePress Plugin up to 1.2.2 on WordPress Setting cross-site request forgery

CVE-2024-9291 | kalvinGit kvf-admin up to f12a94dc1ebb7d1c51ee978a85e4c7ed75c620ff XML File upfile cross site scripting