Stack-based Buffer Overflow in Tenda O3 Device
CVE-2024-6963
8.8HIGH
What is CVE-2024-6963?
A critical vulnerability has been identified in the Tenda O3 with version 1.0.0.10, wherein the function formexeCommand is susceptible to a stack-based buffer overflow due to improper handling of the cmdinput argument. This critical flaw permits an attacker to execute arbitrary code remotely, potentially compromising the device's integrity and security, making it imperative for users to secure their devices promptly. Despite early notifications, the vendor did not respond regarding the disclosure of this vulnerability, raising concerns about timely security updates in the future. For more detailed insights and indicators, visit the related references.