Buffer Overflow Vulnerability in Tenda AC18 Router
CVE-2024-34974

8.2HIGH

Key Information:

Vendor: Tenda Technology
Status: Ac18 Firmware
Vendor: CVE Published:; 14 May 2024

Summary

The Tenda AC18 router firmware version 15.03.05.19 has a buffer overflow vulnerability originating from improper handling of input in the formSetPPTPServer function. This vulnerability can be exploited by manipulating the endIp parameter, potentially allowing unauthorized access or remote code execution. Users of the Tenda AC18 should be aware of this security risk to ensure their networks remain secure and take appropriate measures to safeguard their devices.

References

https://github.com/hunzi0/Vullnfo/tree/main/Tenda/AC18/fo...

CVSS V3.1

Score:

8.2

Severity:

HIGH

Confidentiality:

None

Integrity:

Low

Availability:

None

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
May 14, 2024