CVE-2024-57703

Name of the Vulnerable Software and Affected Versions Tenda AC8v4 version V16.03.34.06

Description The issue is a stack overflow vulnerability affecting the setSchedWifi function in the /goform/openSchedWifi file. This vulnerability is caused by the manipulation of the schedEndTime argument, leading to a stack-based buffer overflow.

Recommendations For Tenda AC8v4 version V16.03.34.06, as a temporary workaround, consider disabling the setSchedWifi function until a patch is available. Restrict access to the /goform/openSchedWifi file to minimize the risk of exploitation. Avoid using the schedEndTime argument in the affected function until the issue is resolved. At the moment, there is no information about a newer version that contains a fix for this vulnerability.