CVE-2024-44555
CVSS 3.1 Score 9.8 of 10 (high)
Details
Summary
CVE-2024-44555 identifies a critical stack overflow vulnerability in Tenda AX1806 version 1.0.0.1, specifically through the iptv.city.vlan parameter in the setIptvInfo function. This vulnerability poses significant risks to organizations as it allows for high integrity and confidentiality impacts with potential availability issues, all via a network-based attack without requiring user interaction or privileges. To remediate this vulnerability, users should update their devices to the latest firmware version provided by Tenda, if available. The CVSS score for this vulnerability is rated at 9.8, indicating its severe nature and exploitability with a low attack complexity. Organizations utilizing affected products should prioritize immediate actions to mitigate risks associated with this critical flaw.
Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.