Lucene search

[email protected]NVD:CVE-2024-44390

HistoryAug 23, 2024 - 5:15 p.m.

CVE-2024-44390

2024-08-2317:15:10

CWE-121

CWE-787

[email protected]

web.nvd.nist.gov

tenda

fh1206

buffer overflow

CVSS3

8.8

Attack Vector

ADJACENT

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

EPSS

0.001

Percentile

25.9%

JSON

Tenda FH1206 V1.2.0.8(8155)_EN contains a Buffer Overflow vulnerability via the function formWrlsafeset.

Affected configurations

Nvd

Node

tencacnfh1206_firmwareMatch1.2.0.8\(8155\)_en

AND

tencacnfh1206Match-

VendorProductVersionCPE
tencacnfh1206_firmware1.2.0.8(8155)_encpe:2.3:o:tencacn:fh1206_firmware:1.2.0.8\(8155\)_en:*:*:*:*:*:*:*
tencacnfh1206-cpe:2.3:h:tencacn:fh1206:-:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
tencacn	fh1206_firmware	1.2.0.8(8155)_en	cpe:2.3:o:tencacn:fh1206_firmware:1.2.0.8\(8155\)_en:::::::*
tencacn	fh1206	-	cpe:2.3:h:tencacn:fh1206:-:::::::*

References

github.com/GroundCTL2MajorTom/pocs/blob/main/tenda_FH1206_buffer_overflow8.md

CVSS3

8.8

Attack Vector

ADJACENT

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

EPSS

0.001

Percentile

25.9%

JSON

Related for NVD:CVE-2024-44390

cve1 vulnrichment1 cvelist1