A vulnerability was found in Tenda AC10U 15.03.06.49. It has been declared as critical. Affected by this vulnerability is the function setSchedWifi of the file /goform/openSchedWifi. The manipulation of the argument schedStartTime leads to stack-based buffer overflow. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-257461 was assigned to this vulnerability. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.
Advisories
Source ID Title
EUVD EUVD EUVD-2024-27655 A vulnerability was found in Tenda AC10U 15.03.06.49. It has been declared as critical. Affected by this vulnerability is the function setSchedWifi of the file /goform/openSchedWifi. The manipulation of the argument schedStartTime leads to stack-based buffer overflow. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-257461 was assigned to this vulnerability. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.
Fixes

Solution

No solution given by the vendor.


Workaround

No workaround given by the vendor.

History

Thu, 12 Dec 2024 18:00:00 +0000

Type Values Removed Values Added
First Time appeared Tenda
Tenda ac10u
Tenda ac10u Firmware
Weaknesses CWE-787
CPEs cpe:2.3:h:tenda:ac10u:-:*:*:*:*:*:*:*
cpe:2.3:o:tenda:ac10u_firmware:15.03.06.49:*:*:*:*:*:*:*
Vendors & Products Tenda
Tenda ac10u
Tenda ac10u Firmware

cve-icon MITRE

Status: PUBLISHED

Assigner: VulDB

Published:

Updated: 2024-08-21T22:59:44.809Z

Reserved: 2024-03-20T09:51:17.589Z

Link: CVE-2024-2710

cve-icon Vulnrichment

Updated: 2024-08-01T19:18:48.443Z

cve-icon NVD

Status : Analyzed

Published: 2024-03-20T18:15:11.907

Modified: 2024-12-12T17:30:23.267

Link: CVE-2024-2710

cve-icon Redhat

No data.

cve-icon OpenCVE Enrichment

No data.