CVE-2024-6963 | Tenda O3 1.0.0.10 formexeCommand cmdinput stack-based overflow

Posted by Angelo Barbosa | Jul 21, 2024 | CVE

A vulnerability, which was classified as critical, has been found in Tenda O3 1.0.0.10. This issue affects the function formexeCommand. The manipulation of the argument cmdinput leads to stack-based buffer overflow.

The identification of this vulnerability is CVE-2024-6963. The attack may be initiated remotely. Furthermore, there is an exploit available.

The vendor was contacted early about this disclosure but did not respond in any way.

CVE-2024-6963 | Tenda O3 1.0.0.10 formexeCommand cmdinput stack-based overflow

Related Posts

CVE-2024-5820 | stitionai devika authorization

CVE-2023-42949 | Apple watchOS Temporary Directory access control

CVE-2023-52071 | cURL up to 8.3.x on Windows src/tool_cb_wrt.c tool_cb_wrt array index

CVE-2024-31322 | Google Android 12/12L/13/14 Accessibility Service AccessibilityManagerService.java updateServicesLocked input validation