CVE-2024-46049

Summary

CVE-2024-46049 identifies a stack overflow vulnerability in the Tenda O6 V3.0 firmware version V1.0.0.7(2054), specifically within the formexeCommand function. This vulnerability poses a medium severity risk, with a base score of 5.7, and can be exploited with low privileges and no user interaction required, primarily through adjacent network access. The flaw does not impact the integrity or confidentiality of the system but presents a high risk to availability due to potential service disruptions. Organizations using this firmware should remediate the vulnerability by updating to the latest version provided by Tenda, as outlined in related documentation. Failure to address this issue could allow malicious actors to disrupt services, impacting operational continuity.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.