CVE-2024-52274

Name of the Vulnerable Software and Affected Versions Tenda AC6V2 versions through 15.03.06.50

Description The issue is a stack-based buffer overflow vulnerability in the setDoubleL2tpConfig->guest ip check modules, allowing buffer overflows. This vulnerability affects Tenda AC6V2 and can be exploited for remote code execution.

Recommendations For Tenda AC6V2 versions through 15.03.06.50, update the firmware to a version later than 15.03.06.50 to resolve the issue. As a temporary workaround, consider restricting access to the setDoubleL2tpConfig module and the guest ip check function until a patch is available. Avoid using the mask argument in the affected modules until the issue is resolved.