CVE-2024-30612
First published: Thu Mar 28 2024(Updated: )
Tenda AC10U v15.03.06.48 has a stack overflow vulnerability in the deviceId, limitSpeed, limitSpeedUp parameter from formSetClientState function.
Credit: cve@mitre.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Tenda AC10U firmware | ||
| All of | ||
| Tenda AC10U Firmware | =15.03.06.48 | |
| Tenda AC10U firmware |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the severity of CVE-2024-30612?
CVE-2024-30612 is categorized as a high severity vulnerability due to its potential for stack overflow exploitation.
How do I fix CVE-2024-30612?
To mitigate CVE-2024-30612, it is recommended to update the Tenda AC10U firmware to a version that addresses this stack overflow vulnerability.
What specific parameters are affected by CVE-2024-30612?
CVE-2024-30612 affects the deviceId, limitSpeed, and limitSpeedUp parameters within the formSetClientState function.
Can CVE-2024-30612 lead to remote code execution?
Yes, CVE-2024-30612 may allow an attacker to gain remote code execution through the stack overflow.
Is my Tenda AC10U device vulnerable if running firmware version 15.03.06.48?
Yes, any Tenda AC10U device running firmware version 15.03.06.48 is vulnerable to CVE-2024-30612.
- agent/references
- agent/description
- agent/type
- agent/first-publish-date
- agent/author
- collector/epss-latest
- source/FIRST
- agent/epss
- agent/weakness
- agent/severity
- collector/mitre-cve
- source/MITRE
- agent/source
- agent/guess-ai
- agent/software-canonical-lookup
- agent/software-canonical-lookup-request
- agent/tags
- agent/last-modified-date
- agent/softwarecombine
- agent/event
- collector/nvd-api
- source/NVD
- vendor/tenda
- canonical/tenda ac10u firmware
- version/tenda ac10u firmware/15.03.06.48