8.8
CVSSv3

CVE-2024-11056

CVSSv4: 8.7 | CVSSv3: 8.8 | CVSSv2: 9 | VMScore: 970 | EPSS: 0.00129 | KEV: Not Included
Published: 10/11/2024 Updated: 14/11/2024

Vulnerability Summary

Critical Remote Code Execution in Tenda AC10 via Buffer Overflow

A critical vulnerability was discovered in Tenda AC10 16.03.10.13. The issue is in the function FUN_0046AC38 within the file /goform/WifiExtraSet. By changing the wpapsk_crypto argument, a stack-based buffer overflow can occur. This attack can happen remotely. The exploit is public and could be used by others.

Vulnerable Product Search on Vulmon Subscribe to Product

tenda ac10 firmware 16.03.10.13