CVE-2024-52272 — Stack-based Buffer Overflow in Tenda Technology CO Tenda Ac6v2

CWE-121 — Stack-based Buffer Overflow CWE-787 — Out-of-bounds Write3 documents3 sources

Severity

8.3HIGHNVD

EPSS

0.2%

top 62.57%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Shenzhen Tenda Technology CO Tenda Ac6v2 Tenda AC6 Firmware

Timeline

PublishedDec 4

Description

Stack-based Buffer Overflow vulnerability in Shenzhen Tenda Technology Co Tenda AC6V2 (fromAdvSetLanip(overflow arg:lanMask) modules) allows Overflow Buffers.This issue affects Tenda AC6V2: through 15.03.06.50

CVSS vector

CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:H

Affected Packages2 packages

▶CVEListV5shenzhen_tenda_technology_co/tenda_ac6v215.03.06.50

▶NVDtenda/ac6_firmware15.03.06.50

🔴Vulnerability Details

CVEList

Denial of Service on Tenda AC6V2 Due To Stack Overflow↗2024-12-04

▶

GHSA

GHSA-p2hx-7wmw-x3vv: Stack-based Buffer Overflow vulnerability in Shenzhen Tenda Technology Co Tenda AC6V2 (fromAdvSetLanip(overflow arg:lanMask) modules) allows Overflow↗2024-12-04

▶