CVE-2024-4493

CVSS 3.1 Score 5.5 of 10 (medium)

Details

Published May 5, 2024

Updated: Jun 4, 2024

CWE ID 476

Summary

CVE-2024-4493 is a critical vulnerability that affects Tenda i21 firmware version 1.0.0.14(4656). The issue lies within the function formSetAutoPing, where manipulation of the ping1/ping2 arguments can lead to a stack-based buffer overflow. This vulnerability permits remote exploitation and the exploit code has been made public. VDB-263082 is the identifier for this security flaw, and unfortunately, the vendor was unresponsive to early disclosures about it.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

https://app.recordedfuture.com/live/sc/entity/x8MQ1g
https://www.cve.org/CVERecord?id=CVE-2024-4493
https://nvd.nist.gov/vuln/detail/CVE-2024-4493

Back to Vulnerability Database

CVE-2024-4493

CVSS 3.1 Score 5.5 of 10 (medium)

Details

Summary

Advisories, Assessments, and Mitigations