CVE-2024-2891 in Tenda AC7info

Summary

A vulnerability, which was classified as critical, was found in Tenda AC7 15.03.06.44. Affected is the function formQuickIndex of the file /goform/QuickIndex. The manipulation of the argument PPPOEPassword leads to stack-based buffer overflow. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. VDB-257934 is the identifier assigned to this vulnerability. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.

Responsible

VulDB

Reservation

03/26/2024

Disclosure

03/26/2024

Entries

VulDB provides additional information and datapoints for this CVE:

ID	Vulnerability	CWE	Exp	Cou	CVE
257934	Tenda AC7 QuickIndex formQuickIndex stack-based overflow	121	Proof-of-Concept	Not defined	CVE-2024-2891

Description

CPE

CWE

CVSS

Exploits

History

Diff

Relate

Threat Intelligence

API JSON

API XML

API CSV

◂ PreviousOverviewNext ▸

Interested in the pricing of exploits?

See the underground prices here!