CVE-2024-4169

CVSS 3.1 Score 4.6 of 10 (medium)

Details

Published Apr 25, 2024
Updated: Jun 4, 2024
CWE ID 312

Summary

CVE-2024-4169 is a newly identified critical vulnerability that affects the Tenda 4G300 firmware version 1.01.42. The issue lies within the functions sub_42775C and sub_4279CC, resulting in a stack-based buffer overflow. An attacker can exploit this vulnerability remotely by manipulating the argument page. The identifier for this flaw is VDB-261988, and unfortunately, the vendor has not responded to disclosure attempts.

Ligh bulbPrevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Share