CVE-2024-40417

MEDIUM

Tenda AX1806 1.0.0.1 - Buffer Overflow

Title source: llm

Description

A vulnerability was found in Tenda AX1806 1.0.0.1. Affected by this issue is the function formSetRebootTimer of the file /goform/SetIpMacBind. The manipulation of the argument list leads to stack-based buffer overflow.

References (1)

Core 1

Core References

Broken Link

https://github.com/Feng-ZZ-pwn/IOT/blob/main/Tenda%20AX_1806/1/SetIpMacBind.md

View Writeup ZIP pw:eip

Scores

CVSS v3 6.5

EPSS 0.0018

EPSS Percentile 39.0%

Attack Vector ADJACENT_NETWORK

CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

CISA SSVC

Vulnrichment

Exploitation poc

Automatable no

Technical Impact partial

Details

CWE

CWE-121

Status published

Products (1)

tenda/ax1806_firmware 1.0.0.1

Published Jul 10, 2024

Tracked Since Feb 18, 2026