CVE-2024-2993 | Tenda FH1203 2.0.1.6 /goform/QuickIndex formQuickIndex PPPOEPassword stack-based overflow

Posted by Angelo Barbosa | Mar 27, 2024 | CVE

A vulnerability was found in Tenda FH1203 2.0.1.6. It has been classified as critical. Affected is the function formQuickIndex of the file /goform/QuickIndex. The manipulation of the argument PPPOEPassword leads to stack-based buffer overflow.

This vulnerability is traded as CVE-2024-2993. It is possible to launch the attack remotely. Furthermore, there is an exploit available.

The vendor was contacted early about this disclosure but did not respond in any way.

CVE-2024-2993 | Tenda FH1203 2.0.1.6 /goform/QuickIndex formQuickIndex PPPOEPassword stack-based overflow

Related Posts

CVE-2024-21530 | cocoon up to 0.3.x Encryption nonce re-use (ID 22)

CVE-2024-48569 | Proactive Risk Manager 9.1.1.0 /ar/config/configuation/ cross site scripting

CVE-2024-20028 | MediaTek MT8512 Da out-of-bounds write (ALPS08541632)

CVE-2024-21469 | Qualcomm Snapdragon up to SXR1230P TEE access control