CVE-2024-11248 | Tenda AC10 16.03.10.13 SetSysAutoRebbotCfg formSetRebootTimer rebootTime stack-based overflow

Posted by Angelo Barbosa | Nov 15, 2024 | CVE

A vulnerability was found in Tenda AC10 16.03.10.13 and classified as critical. Affected by this issue is the function formSetRebootTimer of the file /goform/SetSysAutoRebbotCfg. The manipulation of the argument rebootTime leads to stack-based buffer overflow.

This vulnerability is handled as CVE-2024-11248. The attack may be launched remotely. Furthermore, there is an exploit available.

CVE-2024-11248 | Tenda AC10 16.03.10.13 SetSysAutoRebbotCfg formSetRebootTimer rebootTime stack-based overflow

Related Posts

CVE-2024-6941 | ThinkSAAS 3.7.0 app/system/action/do.php cross site scripting (Issue 36)

VDB-259699 | Trojan.Win32.Razy.abc SmartData memory corruption

CVE-2024-20416 | Cisco RV340/RV345 HTTP Request length parameter (cisco-sa-sb-rv34x-rce-7pqFU2e)

CVE-2024-8185 | HashiCorp Vault/Vault Enterprise up to 1.18.0 API Endpoint failing open