Stack Overflow Vulnerability in Tenda CH22 Router by Tenda
CVE-2024-46045

9.8CRITICAL

Key Information:

Vendor: Tenda
Status: Ch22 Firmware
Vendor: CVE Published:; 13 September 2024

What is CVE-2024-46045?

The Tenda CH22 router version V1.0.0.6(468) exhibits a stack overflow vulnerability within the frmL7PlotForm function. This flaw may allow attackers to exploit the router by sending crafted input, potentially leading to unauthorized access or execution of arbitrary code. Users utilizing this firmware are recommended to evaluate their security posture and consider applying any available patches to mitigate risks associated with this vulnerability.

References

https://github.com/BenJpopo/V/blob/main/Tenda/CH22/frmL7P...

CVSS V3.1

Score:

9.8

Severity:

CRITICAL

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Sep 13, 2024
Vulnerability Reserved
Sep 11, 2024