admin/cve
1
0
Fork 0
mirror of https://github.com/0xMarcio/cve.git synced 2025-11-30 18:56:19 +00:00
Code Issues Packages Projects Releases Wiki Activity
cve/2024/CVE-2024-10123.md

19 lines
1.1 KiB
Markdown
Raw Normal View History

Update CVE sources 2025-09-29 16:08
2025-09-29 16:08:36 +00:00
### [CVE-2024-10123](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-10123)
![](https://img.shields.io/static/v1?label=Product&message=AC8&color=blue)
![](https://img.shields.io/static/v1?label=Version&message=%3D%2016.03.34.06%20&color=brighgreen)
![](https://img.shields.io/static/v1?label=Vulnerability&message=Stack-based%20Buffer%20Overflow&color=brighgreen)
### Description
A vulnerability was found in Tenda AC8 16.03.34.06. It has been declared as critical. Affected by this vulnerability is the function compare_parentcontrol_time of the file /goform/saveParentControlInfo. The manipulation of the argument time leads to stack-based buffer overflow. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. This is not the same issue like CVE-2023-33671. The vendor was contacted early about this disclosure but did not respond in any way.
### POC
#### Reference
- https://github.com/JohenanLi/router_vuls/blob/main/ac8v4/compare_parentcontrol_time_vul.md
#### Github
- https://github.com/IoTBec/Reports
- https://github.com/JohenanLi/router_vuls
Reference in New Issue Copy Permalink