First published: Wed Mar 20 2024(Updated: )
A vulnerability, which was classified as critical, was found in Tenda AC10U 15.03.06.49. This affects the function formWifiWpsStart of the file /goform/WifiWpsStart. The manipulation of the argument index leads to stack-based buffer overflow. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-257457 was assigned to this vulnerability. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.
Credit: cna@vuldb.com
Affected Software | Affected Version | How to fix |
---|---|---|
All of | ||
Tenda AC10U Firmware | =15.03.06.49 | |
Tenda AC10U firmware |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
CVE-2024-2706 is classified as a critical vulnerability affecting Tenda AC10U firmware version 15.03.06.49.
To fix CVE-2024-2706, it is recommended to update the Tenda AC10U firmware to the latest version provided by the manufacturer.
CVE-2024-2706 is a stack-based buffer overflow vulnerability found in the formWifiWpsStart function.
Users of Tenda AC10U firmware version 15.03.06.49 are affected by CVE-2024-2706.
Yes, CVE-2024-2706 can be exploited remotely, allowing attackers to initiate an attack without physical access to the device.