PT-2025-6089 · Tenda · Tenda W18E

Published

2025-02-10

Updated

2025-02-14

CVE-2024-46431

CVSS v3.1

8.0

High

Vector

AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions Tenda W18E version 16.01.0.8(1625)

Description The issue is related to a Buffer Overflow vulnerability. An attacker with access to the web management portal can exploit this by sending specially crafted data to the delWewifiPic function.

Recommendations For Tenda W18E version 16.01.0.8(1625), as a temporary workaround, consider disabling the delWewifiPic function until a patch is available. Restrict access to the web management portal to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Exploit

Buffer Overflow

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-120

Related Identifiers

BDU:2025-04849

CVE-2024-46431

Affected Products

Tenda W18E

PT-2025-6089 · Tenda · Tenda W18E

CVE-2024-46431

Weakness Enumeration

Related Identifiers

Affected Products

References · 8