CVE-2024-2581

CVSS 3.1 Score 8.4 of 10 (high)

Details

Published Mar 18, 2024

Updated: May 17, 2024

CWE ID 120

Summary

CVE-2024-2581 is a newly disclosed critical vulnerability affecting the Tenda AC10 routers running version 16.03.10.13. This issue lies in the fromSetRouteStatic function of the SetStaticRouteCfg file, which can be exploited through a stack-based buffer overflow. The manipulation of the argument list causes the buffer to overflow, leading to potential remote code execution. The vulnerability has been made public and an exploit is available, increasing the risk for potential attacks. The Vulnerability Database has assigned the identifier VDB-257081 to this vulnerability.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

https://app.recordedfuture.com/live/sc/entity/ufT3BA
https://www.cve.org/CVERecord?id=CVE-2024-2581
https://nvd.nist.gov/vuln/detail/CVE-2024-2581

Back to Vulnerability Database

CVE-2024-2581

CVSS 3.1 Score 8.4 of 10 (high)

Details

Summary

Advisories, Assessments, and Mitigations