CVE-2024-3881 | Tenda W30E 1.0.1.25(633) /goform/frmL7ProtForm frmL7PlotForm page stack-based overflow

Posted by Angelo Barbosa | Apr 16, 2024 | CVE

A vulnerability was found in Tenda W30E 1.0.1.25(633) and classified as critical. This issue affects the function frmL7PlotForm of the file /goform/frmL7ProtForm. The manipulation of the argument page leads to stack-based buffer overflow.

The identification of this vulnerability is CVE-2024-3881. The attack may be initiated remotely. Furthermore, there is an exploit available.

The vendor was contacted early about this disclosure but did not respond in any way.

CVE-2024-3881 | Tenda W30E 1.0.1.25(633) /goform/frmL7ProtForm frmL7PlotForm page stack-based overflow

Related Posts

CVE-2024-7353 | Accept Stripe Payments Plugin up to 2.0.86 on WordPress Shortcode accept_stripe_payment_ng cross site scripting

CVE-2023-6148 | Qualys Policy Compliance Connector Plugin up to 1.0.5 on Jenkins cross site scripting

CVE-2023-47677 | LevelOne WBR-6013 RER4_A_v3411b_2T2R_LEV_09_170623 boa cross-site request forgery (TALOS-2023-1872)

CVE-2024-28435 | Twenty 0.3.0 File Upload server-side request forgery