CVE-2024-0928 | Tenda AC10U 15.03.06.49_multi_TDE01 fromDhcpListClient page/listN stack-based overflow

Posted by Angelo Barbosa | Jan 26, 2024 | CVE

A vulnerability was found in Tenda AC10U 15.03.06.49_multi_TDE01. It has been declared as critical. Affected by this vulnerability is the function fromDhcpListClient. The manipulation of the argument page/listN leads to stack-based buffer overflow.

This vulnerability is known as CVE-2024-0928. The attack can be launched remotely. Furthermore, there is an exploit available.

The vendor was contacted early about this disclosure but did not respond in any way.

CVE-2024-0928 | Tenda AC10U 15.03.06.49_multi_TDE01 fromDhcpListClient page/listN stack-based overflow

Related Posts

CVE-2024-8440 | wpdevteam Essential Addons for Elementor Plugin up to 6.0.3 on WordPress Fancy Text Widget cross site scripting

CVE-2024-45006 | Linux Kernel up to 6.10.6 xhci usb_ep0_reinit null pointer dereference

CVE-2020-26310 | blowsie Pure-JavaScript-HTML5-Parser 2020 redos (ID 14)

CVE-2024-39296 | Linux Kernel up to 6.6.33/6.9.4 bonding_masters bonding_exit missing initialization (f07224c16678/cf48aee81103/a45835a0bb6e)