Lucene search

MitreCVE-2024-44390

HistoryAug 23, 2024 - 5:15 p.m.

CVE-2024-44390

2024-08-2317:15:10

CWE-787

CWE-121

mitre

web.nvd.nist.gov

tenda fh1206

buffer overflow

vulnerability

formwrlsafeset

CVSS3

8.8

Attack Vector

ADJACENT

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

AI Score

7.2

Confidence

Low

EPSS

0.001

Percentile

25.9%

JSON

Tenda FH1206 V1.2.0.8(8155)_EN contains a Buffer Overflow vulnerability via the function formWrlsafeset.

Affected configurations

Nvd

Node

tencacnfh1206_firmwareMatch1.2.0.8\(8155\)_en

AND

tencacnfh1206Match-

VendorProductVersionCPE
tencacnfh1206_firmware1.2.0.8(8155)_encpe:2.3:o:tencacn:fh1206_firmware:1.2.0.8\(8155\)_en:*:*:*:*:*:*:*
tencacnfh1206-cpe:2.3:h:tencacn:fh1206:-:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
tencacn	fh1206_firmware	1.2.0.8(8155)_en	cpe:2.3:o:tencacn:fh1206_firmware:1.2.0.8\(8155\)_en:::::::*
tencacn	fh1206	-	cpe:2.3:h:tencacn:fh1206:-:::::::*

References

github.com/GroundCTL2MajorTom/pocs/blob/main/tenda_FH1206_buffer_overflow8.md

CVSS3

8.8

Attack Vector

ADJACENT

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

AI Score

7.2

Confidence

Low

EPSS

0.001

Percentile

25.9%

JSON

Related for CVE-2024-44390