CVE-2024-4494

CVSS 3.1 Score 8.8 of 10 (high)

Details

Published May 5, 2024
Updated: May 6, 2024
CWE ID 121

Summary

CVE-2024-4494 is a critical vulnerability found in Tenda i21 1.0.0.14(4656). The vulnerability is related to the function formSetUplinkInfo of the file /goform/setUplinkInfo and is classified as a stack-based buffer overflow. It can be exploited remotely, and the manipulation of the argument pingHostIp2 triggers the vulnerability. The exploit has been publicly disclosed, but the vendor did not respond to the disclosure. The vulnerability has a CVSS score of 9.0, indicating a high potential danger to organizations using Tenda i21 1.0.0.14(4656).

Explore Beyond the CVE Basics with Recorded Future's Vulnerability Intelligence

Note: This is just a basic overview providing quick insights into CVE-2024-4494 information. Gain full access to comprehensive CVE data, risk scores, prioritization, and mitigation data through Recorded Future's Vulnerability Intelligence:
  • Prioritize with Risk-Based Scoring
  • Explore the Extensive Vulnerability Database
  • Receive Early Alerts on Emerging CVEs
  • Focus on Critical Exploitable Vulnerabilities
  • Streamline Remediation with Integration Options