CVE-2024-0996

CVE-2024-0996 affects Tenda i9 1.0.0.9(4122) via the httpd component, in the function formSetCfm of /goform/setcfm. The root cause is a stack-based buffer overflow triggered by manipulating the funcpara1 argument, enabling a remote attacker to exploit the vulnerability. Public exploits have been ...

CVE-2024-0993

A vulnerability was found in Tenda i6 1.0.0.93857. It has been classified as critical. Affected is the function formWifiMacFilterGet of the file /goform/WifiMacFilterGet of the component httpd. The manipulation of the argument index leads to stack-based buffer overflow. It is possible to launch t...

CVE-2024-0995

CVE-2024-0995 affects Tenda W6 firmware 1.0.0.9(4122). The vulnerability lies in the httpd component, in the function formwrlSSIDset (file /goform/wifiSSIDset). Manipulating the index argument causes a stack-based buffer overflow, with remote exploitation potentially possible. Public disclosures ...

CVE-2024-0994

CVE-2024-0994 affects Tenda W6 1.0.0.9(4122). The httpd component’s /goform/setcfm formSetCfm function can be triggered via the funcpara1 parameter to cause a stack-based buffer overflow. Exploitation can be performed remotely, and public disclosures exist. Remediation/advisories in connected dat...

CVE-2024-0993

Tenda i6, version 1.0.0.9(3857), contains a stack-based buffer overflow in httpd’s formWifiMacFilterGet function (/goform/WifiMacFilterGet) triggered by manipulating the index argument. This enables remote exploitation and is supported by public disclosures (CVE-2024-0993). No remediation details...

CVE-2024-0991

A vulnerability has been found in Tenda i6 1.0.0.93857 and classified as critical. This vulnerability affects the function formSetCfm of the file /goform/setcfm of the component httpd. The manipulation of the argument funcpara1 leads to stack-based buffer overflow. The attack can be initiated...

CVE-2024-0990

A vulnerability, which was classified as critical, was found in Tenda i6 1.0.0.93857. This affects the function formSetAutoPing of the file /goform/setAutoPing of the component httpd. The manipulation of the argument ping1 leads to stack-based buffer overflow. It is possible to initiate the attac...

CVE-2024-0992

CVE-2024-0992 affects Tenda i6 1.0.0.9(3857) in the httpd component via the formwrlSSIDset function at /goform/wifiSSIDset. The index argument manipulation leads to a stack-based buffer overflow, enabling remote exploitation (attack vector: network; impact: high confidentiality, integrity, and av...

CVE-2024-0962

A vulnerability was found in obgm libcoap 4.3.4. It has been rated as critical. Affected by this issue is the function getsplitentry of the file src/coaposcore.c of the component Configuration File Handler. The manipulation leads to stack-based buffer overflow. The attack may be launched remotely...

CVE-2024-0962

A vulnerability was found in obgm libcoap 4.3.4. It has been rated as critical. Affected by this issue is the function getsplitentry of the file src/coaposcore.c of the component Configuration File Handler. The manipulation leads to stack-based buffer overflow. The attack may be launched remotely...

CVE-2024-0962

CVE-2024-0962 affects obgm libcoap 4.3.4. The vulnerability is in the function get_split_entry of src/coap_oscore.c (Configuration File Handler) and leads to a stack-based buffer overflow. The issue is exploitable remotely according to the description, and public disclosure of the exploit is note...

CVE-2024-0962

A vulnerability was found in obgm libcoap 4.3.4. It has been rated as critical. Affected by this issue is the function getsplitentry of the file src/coaposcore.c of the component Configuration File Handler. The manipulation leads to stack-based buffer overflow. The attack may be launched remotely...

CVE-2024-0932

The vulnerability CVE-2024-0932 affects Tenda AC10U (firmware 15.03.06.49_multi_TDE01). The issue is a stack-based buffer overflow in setSmartPowerManagement caused by improper boundary checks on the time argument. It can be triggered remotely, with public exploits disclosed. Impact is described ...

CVE-2024-0931

CVE-2024-0931 affects Tenda AC10U, specifically the saveParentControlInfo function in version 15.03.06.49_multi_TDE01. The vulnerability is a stack-based buffer overflow triggered by manipulating deviceId/time/urls, with remote execution risk and a publicly disclosed exploit. Multiple sources (NV...

CVE-2024-0930

A vulnerability classified as critical has been found in Tenda AC10U 15.03.06.49multiTDE01. This affects the function fromSetWirelessRepeat. The manipulation of the argument wpapskcrypto leads to stack-based buffer overflow. It is possible to initiate the attack remotely. The exploit has been...

CVE-2024-0928

A vulnerability was found in Tenda AC10U 15.03.06.49multiTDE01. It has been declared as critical. Affected by this vulnerability is the function fromDhcpListClient. The manipulation of the argument page/listN leads to stack-based buffer overflow. The attack can be launched remotely. The exploit h...

CVE-2024-0930

The CVE-2024-0930 entry concerns a stack-based buffer overflow in Tenda AC10U firmware (version 15.03.06.49_multi_TDE01) via the fromSetWirelessRepeat function, caused by improper handling of the wpapsk_crypto argument. This allows remote attacker impact to confidentiality, integrity, and availab...

CVE-2024-0929

The CVE-2024-0929 issue affects Tenda AC10U devices running 15.03.06.49_multi_TDE01. Affected component is the fromNatStaticSetting function, where manipulation of the page argument enables a stack-based buffer overflow. This can be exploited remotely, with exploit details publicly disclosed (VDB...

CVE-2024-0928

CVE-2024-0928 concerns the Tenda AC10U device with firmware 15.03.06.49_multi_TDE01. The vulnerability is in the function fromDhcpListClient, where manipulation of the argument page/listN causes a stack-based buffer overflow. It is a network-facing issue with remote exploitation, and the exploit ...

CVE-2024-0926

A vulnerability was found in Tenda AC10U 15.03.06.49multiTDE01 and classified as critical. This issue affects the function formWifiWpsOOB. The manipulation of the argument index leads to stack-based buffer overflow. The attack may be initiated remotely. The exploit has been disclosed to the publi...