CVE-2024-3876 | Tenda F1202 1.2.0.20(408) /goform/VirtualSer fromVirtualSer page stack-based overflow

Posted by Angelo Barbosa | Apr 16, 2024 | CVE

A vulnerability classified as critical has been found in Tenda F1202 1.2.0.20(408). Affected is the function fromVirtualSer of the file /goform/VirtualSer. The manipulation of the argument page leads to stack-based buffer overflow.

This vulnerability is traded as CVE-2024-3876. It is possible to launch the attack remotely. Furthermore, there is an exploit available.

The vendor was contacted early about this disclosure but did not respond in any way.

CVE-2024-3876 | Tenda F1202 1.2.0.20(408) /goform/VirtualSer fromVirtualSer page stack-based overflow

Related Posts

CVE-2024-26146 | rubygem-rack Header Parser denial of service

CVE-2024-7680 | itsourcecode Tailoring Management System 1.0 /incedit.php id/inccat/desc/date/amount sql injection

CVE-2024-43279 | Tribulant Newsletters Plugin up to 4.9.8 on WordPress cross site scripting

CVE-2023-47105 | Chaosblade up to 1.7.3 exec.CommandContext cmd os command injection