Stack-based Buffer Overflow Vulnerability in Tenda RX9 and RX9 Pro Products
CVE-2024-10281

8.8HIGH

Key Information:

Vendor: Tenda
Status: Rx9 Pro Firmware
Vendor: CVE Published:; 23 October 2024

What is CVE-2024-10281?

A stack-based buffer overflow vulnerability affects the Tenda RX9 and RX9 Pro devices, specifically within the SetStaticRouteCfg function located in the /goform/ directory. The flaw allows for remote manipulation of the argument list, leading to potential exploitation of the device. Attackers could exploit this vulnerability to execute arbitrary code, resulting in compromised device security. The public disclosure of the exploit raises concerns over the safety of devices running vulnerable firmware versions, specifically 22.03.02.10 and 22.03.02.20. It is crucial for users of Tenda RX9 and RX9 Pro to assess their firmware and implement necessary security patches to mitigate risks.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

References

https://vuldb.com/?id.281556

https://vuldb.com/?ctiid.281556

https://vuldb.com/?submit.427065

CVSS V3.1

Score:

8.8

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

Low

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
Oct 23, 2024

JSON

Tenda

What is CVE-2024-10281?

Human OS v1.0: Ageing Is an Unpatched Zero-Day Vulnerability.

References

CVSS V3.1

Timeline

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.