Stack-based Buffer Overflow Vulnerability in Tenda W9
CVE-2024-4240

8.8HIGH

Key Information:

Vendor: Tenda
Status: W9 Firmware
Vendor: CVE Published:; 26 April 2024

What is CVE-2024-4240?

A remote exploitable vulnerability has been discovered in the Tenda W9 router, specifically in the formQosManageDouble_user function. The flaw arises from improper handling of the ssidIndex argument, which can lead to a stack-based buffer overflow, allowing an attacker to execute arbitrary code. This vulnerability highlights potential security weaknesses in IoT devices, urging users to implement necessary security measures to safeguard their networks.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

References

https://vuldb.com/?id.262131

https://vuldb.com/?ctiid.262131

https://vuldb.com/?submit.319822

CVSS V3.1

Score:

8.8

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

Low

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
Apr 26, 2024

JSON

Tenda

What is CVE-2024-4240?

Human OS v1.0: Ageing Is an Unpatched Zero-Day Vulnerability.

References

CVSS V3.1

Timeline

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.