CVE-2024-53621

HIGH

Tenda AC1206 15.03.06.23 - Stack-based Buffer Overflow in formSetCfm()

Title source: llm

Description

A buffer overflow in the formSetCfm() function of Tenda AC1206 1200M 11ac US_AC1206V1.0RTL_V15.03.06.23_multi_TD01 allows attackers to cause a Denial of Service (DoS) via a crafted POST request.

References (2)

Core 2

Core References

Various Sources

https://drive.google.com/file/d/1b7DlkG7XVmJmCxDrX7u1X7CAk-lOviBX/view?usp=sharing

Various Sources

https://github.com/qingwei4/Router-VR/blob/main/CVE-2024-53621/CVE-2024-53621.md

View Writeup ZIP pw:eip

Scores

CVSS v3 7.5

EPSS 0.0037

EPSS Percentile 28.6%

Attack Vector NETWORK

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

CISA SSVC

Vulnrichment

Exploitation poc

Automatable no

Technical Impact partial

Details

CWE

CWE-121

Status published

Published Jun 30, 2025

Tracked Since Feb 18, 2026