Tenda AC15 Stack Overflow Vulnerability
CVE-2024-30613

4.3MEDIUM

Key Information:

Vendor: Tenda
Status: Ac15 Firmware
Vendor: CVE Published:; 29 March 2024

What is CVE-2024-30613?

An identified stack overflow vulnerability within the Tenda AC15 router impacts the functionality of the setSmartPowerManagement function. This vulnerability arises due to improper handling of the time parameter, potentially allowing attackers to exploit the overflow conditions. Successful exploitation may lead to unauthorized access or control over affected devices, posing a significant risk to network security. Users of Tenda AC15 routers are advised to review their systems and implement necessary security measures.

References

https://github.com/abcdefg-png/IoT-vulnerable/blob/main/T...

CVSS V3.1

Score:

4.3

Severity:

MEDIUM

Confidentiality:

None

Integrity:

Low

Availability:

None

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

Low

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Mar 29, 2024
Vulnerability Reserved
Mar 27, 2024

CVE-2024-30613 Data

JSON