CVE-2024-44549
CVSS 3.1 Score 6.6 of 10 (medium)
Details
Summary
CVE-2024-44549 identifies a stack overflow vulnerability in the Tenda AX1806 version 1.0.0.1, specifically through the iptv.stb.port parameter in the formGetIptv function. This vulnerability poses a medium severity risk, characterized by a low complexity attack vector requiring minimal privileges and no user interaction, resulting in high integrity impact but low confidentiality impact. Affected products include the Tenda AX1806, which may be exploited locally to cause out-of-bounds writes or buffer overflows. To mitigate this vulnerability, organizations should immediately apply any available patches from the manufacturer or disable the affected functionality until a fix is implemented. If exploited, this vulnerability could lead to significant disruptions and potential data integrity issues within affected systems.
Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.