CVE-2024-46435

CVSS 3.1 Score 8 of 10 (high)

Details

Published Feb 10, 2025

CWE ID 121

Summary

CVE-2024-46435 is a stack overflow vulnerability affecting the Tenda W18E V16.01.0.8(1625) web management portal. An authenticated remote attacker can exploit this flaw by supplying malicious input to the delFacebookPic function, leading to a denial of service or potentially executing arbitrary code. This vulnerability arises due to insufficient input validation in the portal, allowing attackers to manipulate the stack and inject malicious commands.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

https://app.recordedfuture.com/live/sc/entity/yhs56l
https://www.cve.org/CVERecord?id=CVE-2024-46435
https://nvd.nist.gov/vuln/detail/CVE-2024-46435

Back to Vulnerability Database

CVE-2024-46435

CVSS 3.1 Score 8 of 10 (high)

Details

Summary

Advisories, Assessments, and Mitigations