CVE-2024-28550 | Tenda AC18 15.03.05.05 formExpandDlnaFile filePath stack-based overflow

Posted by Angelo Barbosa | Mar 18, 2024 | CVE

A vulnerability was found in Tenda AC18 15.03.05.05. It has been declared as critical. This vulnerability affects the function formExpandDlnaFile. The manipulation of the argument filePath leads to stack-based buffer overflow.

This vulnerability was named CVE-2024-28550. The attack can only be done within the local network. Furthermore, there is an exploit available.

CVE-2024-28550 | Tenda AC18 15.03.05.05 formExpandDlnaFile filePath stack-based overflow

Related Posts

CVE-2024-6911 | PerkinElmer ProcessPlus up to 1.11.6507.0 on Windows file access

CVE-2024-24850 | Mark Stockton Quicksand Post Filter jQuery Plugin up to 3.1.1 on WordPress Authorization authorization

CVE-2024-22207 | fastify-swagger-ui up to 2.0.x insecure default initialization of resource

CVE-2024-21869 | Rapid SCADA up to 5.8.4 credentials storage (icsa-24-011-03)