CVE-2024-4111

CVSS 3.1 Score 9.9 of 10 (high)

Details

Published Apr 24, 2024

Updated: Jun 4, 2024

CWE ID 444

CWE ID 863

CWE ID 187

Summary

CVE-2024-4111 is a critical vulnerability affecting the Tenda TX9 device with software version 22.03.02.10. This issue lies within the function sub_42BD7C of the SetLEDCfg file and results from a stack-based buffer overflow caused by manipulating the argument time. The exploit for this vulnerability, identified as VDB-261854, has been disclosed to the public, allowing remote attacks. Despite early notification, the vendor has failed to respond.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

https://app.recordedfuture.com/live/sc/entity/xCCPXl
https://www.cve.org/CVERecord?id=CVE-2024-4111
https://nvd.nist.gov/vuln/detail/CVE-2024-4111

Back to Vulnerability Database

CVE-2024-4111

CVSS 3.1 Score 9.9 of 10 (high)

Details

Summary

Advisories, Assessments, and Mitigations