Critical Vulnerability in Tenda AC15 Could Lead to Remote Exploit
CVE-2024-10662
8.8HIGH
Key Information
- Vendor
- Tenda
- Status
- Ac15
- Vendor
- CVE Published:
- 1 November 2024
Summary
A vulnerability was found in Tenda AC15 15.03.05.19 and classified as critical. This issue affects the function formSetDeviceName of the file /goform/SetOnlineDevName. The manipulation of the argument devName leads to stack-based buffer overflow. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used.
Affected Version(s)
AC15 = 15.03.05.19
CVSS V3.1
Score:
8.8
Severity:
HIGH
Confidentiality:
High
Integrity:
High
Availability:
High
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
Low
User Interaction:
None
Scope:
Unchanged
Timeline
Risk change from: null to: 8.8 - (HIGH)
VulDB entry last update
Vulnerability Reserved.
VulDB entry created
Advisory disclosed
Vulnerability published.
Collectors
NVD DatabaseMitre Database
Credit
theRaz0r (VulDB User)