CVE-2024-3012 | Tenda FH1205 2.0.0.7(775) GetParentControlInfo mac stack-based overflow

Posted by Angelo Barbosa | Mar 27, 2024 | CVE

A vulnerability was found in Tenda FH1205 2.0.0.7(775). It has been declared as critical. This vulnerability affects the function GetParentControlInfo of the file /goform/GetParentControlInfo. The manipulation of the argument mac leads to stack-based buffer overflow.

This vulnerability was named CVE-2024-3012. The attack can be initiated remotely. Furthermore, there is an exploit available.

The vendor was contacted early about this disclosure but did not respond in any way.

CVE-2024-3012 | Tenda FH1205 2.0.0.7(775) GetParentControlInfo mac stack-based overflow

Related Posts

CVE-2023-6735 | Checkmk up to 2.0.0p38/2.1.0p36/2.2.0p16 mk_tsm Agent Plugin input validation

CVE-2024-22373 | Mathieu Malaterre Grassroot DICOM 3.0.23 DICOM File DecodeByStreamsCommon memory corruption (TALOS-2024-1935)

CVE-2023-6563 | Red Hat keycloak/Single Sign-On/Middleware Container/ Admin User Interface allocation of resources (RHSA-2023:7854)

CVE-2024-26490 | JD Simple Module 2.33 Title cross site scripting