Wei Zhou's team (IoTS&P Lab)

2 exploits Active since Nov 2024
CVE-2024-11650 WRITEUP MEDIUM WORKING POC
Tenda i9 1.0.0.8(3828) - Null Pointer Dereference
A vulnerability was found in Tenda i9 1.0.0.8(3828) and classified as critical. This issue affects the function websReadEvent of the file /goform/GetIPTV. The manipulation leads to null pointer dereference. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used.
CVSS 6.5
CVE-2024-51409 WRITEUP MEDIUM WRITEUP
Tenda O3 Firmware 1.0.0.5 - Buffer Overflow via Network Packet
Buffer Overflow vulnerability in Tenda O3 v.1.0.0.5 allows a remote attacker to cause a denial of service via a network packet in a fixed format to a router running the corresponding version of the firmware.
CVSS 6.5