CVE-2024-52714

CVSS 3.1 Score 9.8 of 10 (high)

Details

Published Nov 19, 2024
Updated: Nov 20, 2024
CWE ID 120

Summary

CVE-2024-52714 is a buffer overflow vulnerability affecting the Tenda AC6 v2.0 firmware v15.03.06.50. The issue lies within the 'fromSetSysTime' function, which fails to properly validate input, leading to a buffer overflow condition. An attacker can exploit this vulnerability with a specially crafted input packet, potentially causing the affected device to crash or execute arbitrary code with elevated privileges. This could lead to unauthorized access, data theft, or denial of service. Users should apply the latest security patches to mitigate this risk.
