CVE-2024-44552

CVSS 3.1 Score 6.6 of 10 (medium)

Details

Published Aug 26, 2024
Updated: Aug 27, 2024
CWE ID 787

Summary

CVE-2024-44552 is a stack overflow vulnerability in Tenda AX1806 v1.0.0.1, triggered through the adv.iptv.stballvlans parameter in the formGetIptv function. It is rated medium risk with an exploitability score of 1.8. Exploitation requires low privileges and no user interaction, and the impact is high on data integrity but low on confidentiality and availability. Organizations utilizing affected products, particularly the l61FWX firmware version, may face potential local attacks that could compromise system integrity. To remediate this vulnerability, users are advised to update to the latest firmware version provided by Tenda or apply any available security patches. Failure to address this vulnerability could lead to unauthorized manipulation of system memory and possible exploitation within local network environments.
