CVE-2024-3882 | Tenda W30E 1.0.1.25(633) /goform/fromRouteStatic page stack-based overflow

Posted by Angelo Barbosa | Apr 16, 2024 | CVE

A vulnerability was found in Tenda W30E 1.0.1.25(633). It has been classified as critical. Affected is the function fromRouteStatic of the file /goform/fromRouteStatic. The manipulation of the argument page leads to stack-based buffer overflow.

This vulnerability is traded as CVE-2024-3882. It is possible to launch the attack remotely. Furthermore, there is an exploit available.

The vendor was contacted early about this disclosure but did not respond in any way.

CVE-2024-3882 | Tenda W30E 1.0.1.25(633) /goform/fromRouteStatic page stack-based overflow

Related Posts

CVE-2024-6962 | Tenda O3 1.0.0.10 formQosSet remark/ipRange/upSpeed/downSpeed/enable stack-based overflow

CVE-2024-26856 | Linux Kernel up to 5.15.151/6.1.81/6.6.21/6.7.9 sparx5_del_mact_entry use after free

CVE-2024-3987 | WP Mobile Menu Plugin up to 2.8.4.2 on WordPress Image Alt cross site scripting

CVE-2024-6824 | Premium Addons for Elementor Plugin up to 4.10.38 on WordPress Title authorization