CVE-2024-0928 | Tenda AC10U 15.03.06.49_multi_TDE01 fromDhcpListClient page/listN stack-based overflow

Posted by Angelo Barbosa | Jan 26, 2024 | CVE

A vulnerability was found in Tenda AC10U 15.03.06.49_multi_TDE01. It has been declared as critical. Affected by this vulnerability is the function fromDhcpListClient. The manipulation of the argument page/listN leads to stack-based buffer overflow.

This vulnerability is known as CVE-2024-0928. The attack can be launched remotely. Furthermore, there is an exploit available.

The vendor was contacted early about this disclosure but did not respond in any way.

CVE-2024-0928 | Tenda AC10U 15.03.06.49_multi_TDE01 fromDhcpListClient page/listN stack-based overflow

Related Posts

CVE-2024-0495 | Kashipara Billing Software 1.0 HTTP POST Request party_submit.php party_name sql injection

CVE-2024-46779 | Linux Kernel up to 6.10.9 DRM pvr_vm_gpuva memory leak (1cc695be8920/3f6b2f60b463)

CVE-2024-20440 | Cisco Smart License Utility 2.0.0/2.1.0/2.2.0 HTTP Request log file (cisco-sa-cslu-7gHMzWmw)

CVE-2024-6242 | Rockwell Automation ControlLogix 5580 1756-L8z Trusted Slot unprotected alternate channel