CVE-2024-4165

CVSS 3.1 Score 8.8 of 10 (high)

Details

Published Apr 25, 2024
CWE ID 121

Summary

CVE-2024-4165 is a critical vulnerability found in Tenda G3 15.11.0.17(9502) that affects the function modifyDhcpRule of the file /goform/modifyDhcpRule. The vulnerability allows for a stack-based buffer overflow through manipulation of the bindDhcpIndex argument, enabling remote attacks. The exploit has been disclosed to the public, and although the vendor was notified, they did not respond. The vulnerability has a CVSS score of 9.0, indicating a high potential danger to organizations. Remediation steps have not been provided in the available information.

Share

Explore Beyond the CVE Basics with Recorded Future's Vulnerability Intelligence

Note: This is just a basic overview providing quick insights into CVE-2024-4165 information. Gain full access to comprehensive CVE data, risk scores, prioritization, and mitigation data through Recorded Future's Vulnerability Intelligence:
  • Prioritize with Risk-Based Scoring
  • Explore the Extensive Vulnerability Database
  • Receive Early Alerts on Emerging CVEs
  • Focus on Critical Exploitable Vulnerabilities
  • Streamline Remediation with Integration Options