CVE-2024-4244 – A vulnerability classified as critical was found in Tenda W9 1.0.0.7(4456). Affected by …

26 April 2024

Vuln ID: CVE-2024-4244

Published: 2024-04-26 22:15:08.867

Description: A vulnerability classified as critical was found in Tenda W9 1.0.0.7(4456). Affected by this vulnerability is the function fromDhcpSetSer of the file /goform/DhcpSetSer. The manipulation of the argument dhcpStartIp/dhcpEndIp/dhcpGw/dhcpMask/dhcpLeaseTime/dhcpDns1/dhcpDns2 leads to stack-based buffer overflow. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-262135. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.

Base Score: 8.8 – HIGH

Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Source: NVD.NIST.GOV

Date:

26 April 2024

Categorie(s):

NVD

Tag(s):

NVD

#RSAC: CISA Launches Vulnrichment Program to Address NVD Challenges8 May 2024
Top FBI Official Urges Agents to Use Warrantless Wiretaps on US Soil8 May 2024
GPU glut and quantum shift: theCUBE talks tech insights from RSA Conference8 May 2024
How Does ANY RUN Sandbox Protect Enterprise Users By Utilizing Advanced Tools8 May 2024
GPU glut and quantum shift: theCUBE talks tech insights from RSAC8 May 2024