CVE-2024-52273

CVSS v3.1

9.8

Critical

Vector

AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions Tenda AC6V2 versions through 15.03.06.50

Description The issue is a stack-based buffer overflow vulnerability in the setDoublePppoeConfig->guest ip check modules of Tenda AC6V2, where the mask argument can cause buffer overflows.

Recommendations For Tenda AC6V2 versions through 15.03.06.50, consider disabling the setDoublePppoeConfig function or restricting access to the guest ip check module until a patch is available. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Exploit

Memory Corruption

Stack Overflow

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-787CWE-121

Related Identifiers

CVE-2024-52273

Affected Products

Tenda Ac6V2

CVE-2024-52273

Weakness Enumeration

Related Identifiers

Affected Products

References · 8