CVE-2024-4118

CVSS 3.1 Score 9.8 of 10 (high)

Details

Published Apr 24, 2024

Updated: Jun 4, 2024

CWE ID 190

Summary

CVE-2024-4118 is a newly disclosed critical vulnerability affecting Tenda W15E 15.11.0.14 with a stack-based buffer overflow in the function formIPMacBindAdd of the file /goform/addIpMacBind. The issue arises when the argument IPMacBindRule is manipulated, leading to the buffer overflow. This vulnerability can be exploited remotely, and the exploit has been made public. Vendor response has been lacking, and the identifier VDB-261861 has been assigned to this issue.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Keepalived

Affected Vendors

Keepalived

Advisories, Assessments, and Mitigations

https://app.recordedfuture.com/live/sc/entity/xFJ4b7
https://www.cve.org/CVERecord?id=CVE-2024-4118
https://nvd.nist.gov/vuln/detail/CVE-2024-4118

Back to Vulnerability Database