CVE-2024-4170

Name of the Vulnerable Software and Affected Versions Tenda 4G300 version 1.01.42

Description A critical issue affects the function sub 429A30. The manipulation of the argument list1 leads to a stack-based buffer overflow. The attack may be initiated remotely. The vendor was contacted about this disclosure but did not respond.

Recommendations For Tenda 4G300 version 1.01.42, as a temporary workaround, consider disabling the sub 429A30 function until a patch is available. Restrict access to the vulnerable function to minimize the risk of exploitation. Avoid using the argument list1 in the affected function until the issue is resolved. At the moment, there is no information about a newer version that contains a fix for this vulnerability.