CVE-2024-4240

CVSS 3.1 Score 5.3 of 10 (medium)

Details

Published Apr 26, 2024

Updated: Jun 4, 2024

CWE ID 22

Summary

CVE-2024-4240 is a critical vulnerability affecting Tenda W9 1.0.0.7(4456), specifically the function formQosManageDouble_user. Hackers can exploit this stack-based buffer overflow issue by manipulating the argument ssidIndex. This vulnerability allows remote attacks, making it a serious concern. The associated identifier for this issue is VDB-262132. Notably, efforts to disclose this vulnerability to the vendor were unsuccessful.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

InfoScan

Advisories, Assessments, and Mitigations

https://app.recordedfuture.com/live/sc/entity/xiCcus
https://www.cve.org/CVERecord?id=CVE-2024-4240
https://nvd.nist.gov/vuln/detail/CVE-2024-4240

Back to Vulnerability Database

CVE-2024-4240

CVSS 3.1 Score 5.3 of 10 (medium)

Details

Summary

Affected Products

Advisories, Assessments, and Mitigations