CVE-2024-7581

Name of the Vulnerable Software and Affected Versions Tenda A301 version 15.13.08.12

Description A critical vulnerability has been found in the function formWifiBasicSet of the file /goform/WifiBasicSet, which is affected by a stack-based buffer overflow due to the manipulation of the security argument. This issue can be exploited remotely, potentially leading to a denial of service. The exploit has been publicly disclosed.

Recommendations For Tenda A301 version 15.13.08.12, as a temporary workaround, consider disabling the formWifiBasicSet function until a patch is available. Restrict access to the /goform/WifiBasicSet file to minimize the risk of exploitation. Avoid using the security argument in the affected function until the issue is resolved. At the moment, there is no information about a newer version that contains a fix for this vulnerability.