CVE-2024-44550

Summary

CVE-2024-44550 is a critical vulnerability affecting the Tenda AX1806 firmware version 1.0.0.1, which contains a stack overflow in the formGetIptv function due to improper handling of the adv.iptv.stbpvid parameter. The vulnerability has an exploitability score of 3.9 and a base severity rating of 9.8, indicating that exploitation could lead to high impacts on integrity, confidentiality, and availability with no user interaction required. To remediate this issue, organizations should update the affected firmware to the latest version provided by Tenda as soon as possible. If exploited, this vulnerability could allow attackers to execute arbitrary code remotely, potentially compromising sensitive data and disrupting services. This situation highlights a significant security risk for organizations using vulnerable Tenda devices within their networks.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.