Stack Overflow Vulnerability in Tenda CH22 Router
CVE-2024-46044

9.8CRITICAL

Key Information:

Vendor: Tenda
Status: Ch22 Firmware
Vendor: CVE Published:; 13 September 2024

What is CVE-2024-46044?

The identified vulnerability in the Tenda CH22 router pertains to a stack overflow in the fromqossetting function. This flaw could potentially allow an attacker to exploit the overflow and execute arbitrary code, leading to unauthorized access or control over the affected device. It is crucial for users of this product to apply the necessary firmware updates or patches to mitigate the risks associated with this vulnerability. Maintaining security protocols and regularly checking for updates are essential steps to safeguard network integrity.

References

https://github.com/BenJpopo/V/blob/main/Tenda/CH22/fromqo...

CVSS V3.1

Score:

9.8

Severity:

CRITICAL

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Sep 13, 2024
Vulnerability Reserved
Sep 11, 2024