Stack Overflow Vulnerability in AC8v4 V16.03.34.06
CVE-2024-46652

9.8CRITICAL

Key Information:

Vendor: Tenda
Status: Ac8 Firmware
Vendor: CVE Published:; 20 September 2024

Summary

The Tenda AC8v4 Router running firmware version V16.03.34.06 is susceptible to a stack overflow vulnerability in the fromAdvSetMacMtuWan function. An attacker can exploit this vulnerability to execute arbitrary code or cause a denial of service, compromising the integrity and availability of the affected device. It is crucial for users to be aware of this vulnerability and apply necessary updates or implement security measures to protect their networks. Regularly monitoring firmware updates and following security best practices is recommended.

References

https://github.com/zp9080/Tenda/blob/main/Tenda-AC8v4%20V...

CVSS V3.1

Score:

9.8

Severity:

CRITICAL

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
Sep 20, 2024