CVE-2024-44558

Summary

CVE-2024-44558 is a vulnerability affecting Tenda AX1806 version 1.0.0.1, which contains a stack overflow flaw in the setIptvInfo function due to the adv.iptv.stbpvid parameter. The vulnerability has a high severity rating with a CVSS score of 8.8, indicating significant risks to confidentiality, integrity, and availability of affected systems. It can be exploited with low complexity from an adjacent network without requiring user interaction or privileges, potentially allowing attackers to execute arbitrary code. Organizations using this product should apply available patches or updates from Tenda to remediate the issue and enhance their security posture. Failure to address this vulnerability could lead to severe data breaches and disruptions in service continuity.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.