CVE-2024-44555

CVSS 3.1 Score 9.8 of 10 (high)

Details

Published Aug 26, 2024
Updated: Aug 27, 2024
CWE ID 787
CWE ID 120

Summary

CVE-2024-44555 identifies a critical stack overflow vulnerability in Tenda AX1806 version 1.0.0.1, specifically through the iptv.city.vlan parameter in the setIptvInfo function. This vulnerability poses significant risks to organizations as it allows for high integrity and confidentiality impacts with potential availability issues, all via a network-based attack without requiring user interaction or privileges. To remediate this vulnerability, users should update their devices to the latest firmware version provided by Tenda, if available. The CVSS score for this vulnerability is rated at 9.8, indicating its severe nature and exploitability with a low attack complexity. Organizations utilizing affected products should prioritize immediate actions to mitigate risks associated with this critical flaw.

Ligh bulbPrevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Share