CVE-2024-44549

CVSS 3.1 Score 6.6 of 10 (medium)

Details

Published Aug 26, 2024
Updated: Aug 27, 2024
CWE ID 121
CWE ID 787

Summary

CVE-2024-44549 identifies a stack overflow vulnerability in the Tenda AX1806 version 1.0.0.1, specifically through the iptv.stb.port parameter in the formGetIptv function. This vulnerability poses a medium severity risk, characterized by a low complexity attack vector requiring minimal privileges and no user interaction, resulting in high integrity impact but low confidentiality impact. Affected products include the Tenda AX1806, which may be exploited locally to cause out-of-bounds writes or buffer overflows. To mitigate this vulnerability, organizations should immediately apply any available patches from the manufacturer or disable the affected functionality until a fix is implemented. If exploited, this vulnerability could lead to significant disruptions and potential data integrity issues within affected systems.

Ligh bulbPrevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Share