Stack Overflow Vulnerability in Tenda AX1806 Router
CVE-2024-44563

9.8CRITICAL

Key Information:

Vendor: Tenda
Status: Ax1806 Firmware
Vendor: CVE Published:; 26 August 2024

What is CVE-2024-44563?

A vulnerability has been identified in the Tenda AX1806 router, specifically a stack overflow issue triggered by improper handling of the iptv.stb.port parameter in the setIptvInfo function. This security flaw can potentially allow attackers to execute arbitrary code or manipulate system functionalities, leading to unauthorized access or disruption of service. Users of the affected version are advised to be aware of this vulnerability and apply available security patches to safeguard their systems.

References

https://detailed-stetson-767.notion.site/Tenda-AX1806-Buf...

CVSS V3.1

Score:

9.8

Severity:

CRITICAL

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Aug 26, 2024
Vulnerability Reserved
Aug 21, 2024