A vulnerability, which was classified as critical, has been found in Tenda CH22 1.0.0.6(468). Affected by this issue is the function fromqossetting of the file /goform/fromqossetting. The manipulation of the argument qos leads to stack-based buffer overflow.

This vulnerability is handled as CVE-2024-46044. The attack may be launched remotely. Furthermore, there is an exploit available.