A vulnerability classified as critical was found in Tenda W9 1.0.0.7(4456). Affected by this vulnerability is the function fromDhcpSetSer of the file /goform/DhcpSetSer. The manipulation of the argument dhcpStartIp/dhcpEndIp/dhcpGw/dhcpMask/dhcpLeaseTime/dhcpDns1/dhcpDns2 leads to stack-based buffer overflow. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-262135. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.
Metrics
Affected Vendors & Products
References
History
No history.
MITRE
Status: PUBLISHED
Assigner: VulDB
Published: 2024-04-26T21:31:06.054Z
Updated: 2024-08-01T20:33:53.169Z
Reserved: 2024-04-26T12:40:22.188Z
Link: CVE-2024-4244
Vulnrichment
Updated: 2024-08-01T20:33:53.169Z
NVD
Status : Awaiting Analysis
Published: 2024-04-26T22:15:08.867
Modified: 2024-06-04T19:20:33.593
Link: CVE-2024-4244
Redhat
No data.