Stack-based Buffer Overflow in Tenda O3 Device
CVE-2024-6963

8.8HIGH

Key Information:

Vendor: Tenda
Status: O3 Firmware1.0.0.10\(2478\)
Vendor: CVE Published:; 22 July 2024

What is CVE-2024-6963?

A critical vulnerability has been identified in the Tenda O3 with version 1.0.0.10, wherein the function formexeCommand is susceptible to a stack-based buffer overflow due to improper handling of the cmdinput argument. This critical flaw permits an attacker to execute arbitrary code remotely, potentially compromising the device's integrity and security, making it imperative for users to secure their devices promptly. Despite early notifications, the vendor did not respond regarding the disclosure of this vulnerability, raising concerns about timely security updates in the future. For more detailed insights and indicators, visit the related references.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

References

https://vuldb.com/?id.272117

https://vuldb.com/?ctiid.272117

https://vuldb.com/?submit.374584

CVSS V3.1

Score:

8.8

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

Low

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
Jul 22, 2024

JSON

Tenda

What is CVE-2024-6963?

Human OS v1.0: Ageing Is an Unpatched Zero-Day Vulnerability.

References

CVSS V3.1

Timeline

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.