First published: Wed Oct 23 2024(Updated: )
A vulnerability classified as critical was found in Tenda RX9 and RX9 Pro 22.03.02.10/22.03.02.20. Affected by this vulnerability is the function sub_42EA38 of the file /goform/SetVirtualServerCfg. The manipulation of the argument list leads to stack-based buffer overflow. The attack can be launched remotely. The exploit has been disclosed to the public and may be used.
Credit: cna@vuldb.com
Affected Software | Affected Version | How to fix |
---|---|---|
All of | ||
Any of | ||
Tenda RX9 Pro Firmware | =22.03.02.10 | |
Tenda RX9 Pro Firmware | =22.03.02.20 | |
Tenda RX9 Pro Firmware |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
CVE-2024-10282 is classified as a critical vulnerability.
To mitigate CVE-2024-10282, update the firmware of Tenda RX9 and RX9 Pro to versions 22.03.02.10 or 22.03.02.20.
CVE-2024-10282 is a stack-based buffer overflow vulnerability affecting specific firmware versions of Tenda RX9 and RX9 Pro.
The affected devices include Tenda RX9 and RX9 Pro running firmware versions 22.03.02.10 and 22.03.02.20.
The vulnerability can be exploited through argument manipulation, potentially leading to arbitrary code execution.