CVE-2024-4164

Name of the Vulnerable Software and Affected Versions: Tenda G3 version 15.11.0.17(9502)

Description: A critical issue has been found in the function formModifyPppAuthWhiteMac of the file /goform/ModifyPppAuthWhiteMac, which is related to a stack-based buffer overflow. The manipulation of the argument pppoeServerWhiteMacIndex can lead to this issue. The attack may be initiated remotely, and the exploit has been disclosed to the public. This allows a remote attacker to execute arbitrary code by sending specially crafted POST requests.

Recommendations: For Tenda G3 version 15.11.0.17(9502), as a temporary workaround, consider disabling the formModifyPppAuthWhiteMac function until a patch is available. Restrict access to the /goform/ModifyPppAuthWhiteMac file to minimize the risk of exploitation. Avoid using the argument pppoeServerWhiteMacIndex in the affected API endpoint until the issue is resolved. At the moment, there is no information about a newer version that contains a fix for this vulnerability.