CVE-2024-7582 | Tenda i22 1.0.0.3(4687) apPortalAccessCodeAuth formApPortalAccessCodeAuth accessCode/data/acceInfo buffer overflow

Inserito da Angelo Barbosa | Ago 7, 2024 | CVE

A vulnerability classified as critical was found in Tenda i22 1.0.0.3(4687). This vulnerability affects the function formApPortalAccessCodeAuth of the file /goform/apPortalAccessCodeAuth. The manipulation of the argument accessCode/data/acceInfo leads to buffer overflow.

This vulnerability was named CVE-2024-7582. The attack can be initiated remotely. Furthermore, there is an exploit available.

The vendor was contacted early about this disclosure but did not respond in any way.

CVE-2024-7582 | Tenda i22 1.0.0.3(4687) apPortalAccessCodeAuth formApPortalAccessCodeAuth accessCode/data/acceInfo buffer overflow

Post correlati

CVE-2024-25082 | FontForge up to 20230101 Splinefont command injection

CVE-2024-22356 | IBM App Connect Enterprise/Integration Bus up to 11.0.0.23/12.0.9.0 on z/OS neutralization for logs (XFDB-280893)

CVE-2024-44572 | Relyum RELY-PCIe up to 23.1.0 sys_mgmt command injection

CVE-2024-0804 | Google Chrome prior 121.0.6167.85 iOS Security UI Privilege Escalation