CVE-2024-3011 | Tenda FH1205 2.0.0.7(775) /goform/QuickIndex formQuickIndex PPPOEPassword stack-based overflow

Posted by Angelo Barbosa | Mar 27, 2024 | CVE

A vulnerability was found in Tenda FH1205 2.0.0.7(775). It has been classified as critical. This affects the function formQuickIndex of the file /goform/QuickIndex. The manipulation of the argument PPPOEPassword leads to stack-based buffer overflow.

This vulnerability is uniquely identified as CVE-2024-3011. It is possible to initiate the attack remotely. Furthermore, there is an exploit available.

The vendor was contacted early about this disclosure but did not respond in any way.

CVE-2024-3011 | Tenda FH1205 2.0.0.7(775) /goform/QuickIndex formQuickIndex PPPOEPassword stack-based overflow

Related Posts

CVE-2024-7469 | Raisecom MSG1200/MSG2100E/MSG2200/MSG2300 3.90 Web Interface list_vpn_web_custom.php sslvpn_config_mod template/stylenum os command injection

CVE-2024-2714 | Campcodes Complete Online DJ Booking System 1.0 booking-bwdates-reports-details.php fromdate sql injection

CVE-2024-3368 | All in One SEO Plugin up to 4.6.1.0 on WordPress Post Field cross site scripting

CVE-2024-6412 | HTML Forms Plugin up to 1.3.33 on WordPress cross-site request forgery