CVE-2024-7614

Summary

CVE-2024-7614 is a newly disclosed critical vulnerability that affects the Tenda FH1206 1.2.0.8(8155) firmware. The issue lies in the fromqossetting function of the /goform/qossetting file, where a stack-based buffer overflow can be triggered by manipulating the page argument. This vulnerability permits remote attacks, meaning an attacker can potentially exploit this flaw from a distant location. The exploit for this vulnerability has been made public, increasing the risk for potential attacks. Despite early notification, the vendor has not responded to disclose a patch or update.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.