CVE-2024-35576

  1. OpenCVE
  2. Vulnerabilities (CVE)
  3. CVE-2024-35576
Tenda AX1806 v1.0.0.1 contains a stack overflow via the iptv.stb.port parameter in the function formSetIptv.

5.2 /10

CVSS v3 : MEDIUM

V3 Legend

Vector :

Exploitability : 0.9 / Impact : 4.2

Attack Vector ADJACENT_NETWORK

Attack Complexity LOW

Privileges Required HIGH

User Interaction NONE

Confidentiality Impact LOW

Integrity Impact HIGH

Availability Impact NONE

Scope UNCHANGED

References
Link Resource
https://detailed-stetson-767.notion.site/Tenda-AX1806-Buffer-Overflow-in-formSetIptv-cebf9202122a4582ae86c5253b3f6da3?pvs=4 Exploit Third Party Advisory Broken Link
https://detailed-stetson-767.notion.site/Tenda-AX1806-Buffer-Overflow-in-formSetIptv-cebf9202122a4582ae86c5253b3f6da3?pvs=4 Exploit Third Party Advisory Broken Link
Configurations

Configuration 1 (hide)

AND
cpe:2.3:o:tenda:ax1806_firmware:1.0.0.1:*:*:*:*:*:*:*
cpe:2.3:h:tenda:ax1806:-:*:*:*:*:*:*:*
History

17 Mar 2025, 14:29

Type Values Removed Values Added
First Time Tenda
Tenda ax1806
Tenda ax1806 Firmware
CPE cpe:2.3:o:tenda:ax1806_firmware:1.0.0.1:*:*:*:*:*:*:*
cpe:2.3:h:tenda:ax1806:-:*:*:*:*:*:*:*
References () https://detailed-stetson-767.notion.site/Tenda-AX1806-Buffer-Overflow-in-formSetIptv-cebf9202122a4582ae86c5253b3f6da3?pvs=4 - () https://detailed-stetson-767.notion.site/Tenda-AX1806-Buffer-Overflow-in-formSetIptv-cebf9202122a4582ae86c5253b3f6da3?pvs=4 - Exploit, Third Party Advisory, Broken Link
Information

Published : 2024-05-20 18:15

Updated : 2025-03-17 14:29

NVD link : CVE-2024-35576

Mitre link : CVE-2024-35576

CVE.ORG link : CVE-2024-35576

JSON object : View

Products Affected

tenda

  • ax1806_firmware
  • ax1806
CWE
CWE-121

Stack-based Buffer Overflow