CVE-2024-7614
CVSS 3.1 Score 9.8 of 10 (high)
Details
Summary
CVE-2024-7614 is a newly disclosed critical vulnerability that affects the Tenda FH1206 1.2.0.8(8155) firmware. The issue lies in the fromqossetting function of the /goform/qossetting file, where a stack-based buffer overflow can be triggered by manipulating the page argument. This vulnerability permits remote attacks, meaning an attacker can potentially exploit this flaw from a distant location. The exploit for this vulnerability has been made public, increasing the risk for potential attacks. Despite early notification, the vendor has not responded to disclose a patch or update.
Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.
Affected Products
- Tenda FH1206
Affected Vendors
- Shenzhen Tenda Technology Co. Ltd