CVE-2024-46431

HIGH

Tenda W18E V16.01.0.8(1625) - Buffer Overflow via delWewifiPic Function

Title source: llm
STIX 2.1

Description

Tenda W18E V16.01.0.8(1625) is vulnerable to Buffer Overflow. An attacker with access to the web management portal can exploit this vulnerability by sending specially crafted data to the delWewifiPic function.

References (1)

Core 1
Core References

Scores

CVSS v3 8.0
EPSS 0.0046
EPSS Percentile 37.1%
Attack Vector ADJACENT_NETWORK
CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

CISA SSVC

Vulnrichment
Exploitation none
Automatable no
Technical Impact total

Details

CWE
CWE-120
Status published
Products (1)
tenda/w18e_firmware 16.01.0.8\(1625\)
Published Feb 10, 2025
Tracked Since Feb 18, 2026