Exploitation Summary
EIP tracks 2 public exploits for CVE-2024-24488. PoCs published by legacyobj, minj-ae.
AI-analyzed exploit summary The repository provides a technical overview of CVE-2024-24488, detailing how sensitive information, including WiFi passwords, is stored in plaintext in a specific file path on affected Tenda CP3V2.0 devices. It identifies the vulnerable file path and describes the vulnerability as a cleartext storage issue (CWE-313).
Description
An issue in Shenzen Tenda Technology CP3V2.0 V11.10.00.2311090948 allows a local attacker to obtain sensitive information via the password component.
Exploits (2)
The repository provides a technical overview of CVE-2024-24488, detailing how sensitive information, including WiFi passwords, is stored in plaintext in a specific file path on affected Tenda CP3V2.0 devices. It identifies the vulnerable file path and describes the vulnerability as a cleartext storage issue (CWE-313).
The repository provides a technical overview of CVE-2024-24488, detailing how sensitive information, including WiFi passwords, is stored in plaintext in a specific file path on affected Tenda CP3V2.0 devices. It identifies the vulnerable file path and describes the vulnerability as a cleartext storage issue (CWE-313).
References (1)
Scores
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N