CVE-2024-8230

CVSS 3.1 Score 8.8 of 10 (high)

Details

Published Aug 28, 2024
Updated: Aug 29, 2024
CWE ID 787
CWE ID 121

Summary

CVE-2024-8230 is a critical vulnerability affecting the Tenda O6 router, specifically version 1.0.0.7(2054): a stack-based buffer overflow in the fromSafeSetMacFilter function of the file /goform/setMacFilterList. The vulnerability can be exploited remotely by manipulating specific parameters and poses significant risks to both confidentiality and integrity, with a CVSS score of 9.0 indicating high severity. No remediation steps have been publicly disclosed, as the vendor has not responded to communication regarding this issue. Given the low attack complexity and high impact potential, organizations using the affected product are advised to implement immediate security measures, such as restricting network access, and to apply patches or mitigations should they become available. The exploit has already been made public, which increases the urgency of addressing this vulnerability promptly.
