Stack-based Buffer Overflow in Tenda FH1206 Product
CVE-2024-34946

6.5MEDIUM

Key Information:

Vendor: Tenda
Status: Fh1206 Firmware
Vendor: CVE Published:; 14 May 2024

What is CVE-2024-34946?

The Tenda FH1206 router has been identified with a stack-based buffer overflow vulnerability that can be exploited via the page parameter at ip/goform/DhcpListClient. This security flaw allows attackers to potentially execute arbitrary code or cause a denial of service. It is crucial for users of the affected product to apply necessary patches and follow best security practices to mitigate the risks associated with this vulnerability.

References

https://palm-vertebra-fe9.notion.site/fromDhcpListClient_...

CVSS V3.1

Score:

6.5

Severity:

MEDIUM

Confidentiality:

None

Integrity:

None

Availability:

None

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

Required

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
May 14, 2024