CVE-2024-6403 | Tenda A301 15.13.08.12 /goform/SetOnlineDevName formWifiBasicSet devName stack-based overflow

Posted by Angelo Barbosa | Jun 28, 2024 | CVE

A vulnerability, which was classified as critical, has been found in Tenda A301 15.13.08.12. Affected by this issue is the function formWifiBasicSet of the file /goform/SetOnlineDevName. The manipulation of the argument devName leads to stack-based buffer overflow.

This vulnerability is handled as CVE-2024-6403. The attack may be launched remotely. Furthermore, there is an exploit available.

The vendor was contacted early about this disclosure but did not respond in any way.

CVE-2024-6403 | Tenda A301 15.13.08.12 /goform/SetOnlineDevName formWifiBasicSet devName stack-based overflow

Related Posts

CVE-2024-33596 | Five Star Plugins Five Star Restaurant Reservations Plugin up to 2.6.16 on WordPress authorization

CVE-2024-0471 | code-projects Human Resource Integrated System 1.0 dec_service_credits.php date sql injection

CVE-2023-6395 | Mock Jinja2 Template input validation

CVE-2021-47097 | Linux Kernel up to 5.4.168/5.10.88/5.15.11 Input elantech_change_report_id param[] out-of-bounds