CVE-2024-6965 | Tenda O3 1.0.0.10 fromVirtualSet ip/localPort/publicPort/app stack-based overflow

Posted by Angelo Barbosa | Jul 21, 2024 | CVE

A vulnerability has been found in Tenda O3 1.0.0.10 and classified as critical. Affected by this vulnerability is the function fromVirtualSet. The manipulation of the argument ip/localPort/publicPort/app leads to stack-based buffer overflow.

This vulnerability is known as CVE-2024-6965. The attack can be launched remotely. Furthermore, there is an exploit available.

The vendor was contacted early about this disclosure but did not respond in any way.

CVE-2024-6965 | Tenda O3 1.0.0.10 fromVirtualSet ip/localPort/publicPort/app stack-based overflow

Related Posts

CVE-2024-40725 | Apache HTTP Server 2.4.60/2.4.61 Configuration Content-Type information disclosure

CVE-2023-42496 | Liferay Portal/DXP Add Assignees to a Role Page cross site scripting

CVE-2024-22403 | NextCloud Server up to 27.x OAuth2 violation of secure design principles (GHSA-wppc-f5g8-vx36)

CVE-2023-47663 | Menno Luitjes Foyer Plugin up to 1.7.5 on WordPress cross site scripting