PT-2024-20906 · Tenda · Tenda Ac10 V4.0

Published

2024-02-15

Updated

2025-03-17

CVE-2024-25373

CVSS v3.1

4.6

Medium

Vector

AV:A/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N

Name of the Vulnerable Software and Affected Versions Tenda AC10V4.0 version V16.03.10.20

Description A stack overflow issue was discovered via the page parameter in the sub 49B384 function. This issue can potentially be exploited, but no details about the estimated number of affected devices or real-world incidents are provided.

Recommendations For Tenda AC10V4.0 version V16.03.10.20, consider restricting access to the sub 49B384 function as a temporary workaround until a patch is available. Avoid using the page parameter in affected API endpoints until the issue is resolved. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Exploit

Buffer Overflow

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-120

Related Identifiers

CVE-2024-25373

Affected Products

Tenda Ac10 V4.0

PT-2024-20906 · Tenda · Tenda Ac10 V4.0

CVE-2024-25373

Weakness Enumeration

Related Identifiers

Affected Products

References · 8