Auto-Update: 2024-05-05T06:00:39.449953+00:00

2025-07-11 16:13:34 +00:00 · 2024-05-05 06:03:29 +00:00 · 2024-05-05 06:03:29 +00:00 · f4786ea1ce
commit f4786ea1ce
parent 865ce3e46e
3 changed files with 110 additions and 27 deletions
--- a/CVE-2024/CVE-2024-44xx/CVE-2024-4494.json
+++ b/CVE-2024/CVE-2024-44xx/CVE-2024-4494.json
@ -0,0 +1,92 @@
+{
+  "id": "CVE-2024-4494",
+  "sourceIdentifier": "cna@vuldb.com",
+  "published": "2024-05-05T05:15:06.530",
+  "lastModified": "2024-05-05T05:15:06.530",
+  "vulnStatus": "Received",
+  "descriptions": [
+    {
+      "lang": "en",
+      "value": "A vulnerability has been found in Tenda i21 1.0.0.14(4656) and classified as critical. Affected by this vulnerability is the function formSetUplinkInfo of the file /goform/setUplinkInfo. The manipulation of the argument pingHostIp2 leads to stack-based buffer overflow. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-263083. NOTE: The vendor was contacted early about this disclosure but did not respond in any way."
+    }
+  ],
+  "metrics": {
+    "cvssMetricV31": [
+      {
+        "source": "cna@vuldb.com",
+        "type": "Secondary",
+        "cvssData": {
+          "version": "3.1",
+          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
+          "attackVector": "NETWORK",
+          "attackComplexity": "LOW",
+          "privilegesRequired": "LOW",
+          "userInteraction": "NONE",
+          "scope": "UNCHANGED",
+          "confidentialityImpact": "HIGH",
+          "integrityImpact": "HIGH",
+          "availabilityImpact": "HIGH",
+          "baseScore": 8.8,
+          "baseSeverity": "HIGH"
+        },
+        "exploitabilityScore": 2.8,
+        "impactScore": 5.9
+      }
+    ],
+    "cvssMetricV2": [
+      {
+        "source": "cna@vuldb.com",
+        "type": "Secondary",
+        "cvssData": {
+          "version": "2.0",
+          "vectorString": "AV:N/AC:L/Au:S/C:C/I:C/A:C",
+          "accessVector": "NETWORK",
+          "accessComplexity": "LOW",
+          "authentication": "SINGLE",
+          "confidentialityImpact": "COMPLETE",
+          "integrityImpact": "COMPLETE",
+          "availabilityImpact": "COMPLETE",
+          "baseScore": 9.0
+        },
+        "baseSeverity": "HIGH",
+        "exploitabilityScore": 8.0,
+        "impactScore": 10.0,
+        "acInsufInfo": false,
+        "obtainAllPrivilege": false,
+        "obtainUserPrivilege": false,
+        "obtainOtherPrivilege": false,
+        "userInteractionRequired": false
+      }
+    ]
+  },
+  "weaknesses": [
+    {
+      "source": "cna@vuldb.com",
+      "type": "Primary",
+      "description": [
+        {
+          "lang": "en",
+          "value": "CWE-121"
+        }
+      ]
+    }
+  ],
+  "references": [
+    {
+      "url": "https://github.com/abcdefg-png/IoT-vulnerable/blob/main/Tenda/i/i21/formSetUplinkInfo.md",
+      "source": "cna@vuldb.com"
+    },
+    {
+      "url": "https://vuldb.com/?ctiid.263083",
+      "source": "cna@vuldb.com"
+    },
+    {
+      "url": "https://vuldb.com/?id.263083",
+      "source": "cna@vuldb.com"
+    },
+    {
+      "url": "https://vuldb.com/?submit.323604",
+      "source": "cna@vuldb.com"
+    }
+  ]
+}
--- a/README.md
+++ b/README.md
@ -13,13 +13,13 @@ Repository synchronizes with the NVD every 2 hours.
 ### Last Repository Update

 ```plain
-2024-05-05T04:00:37.741427+00:00
+2024-05-05T06:00:39.449953+00:00
 ```

 ### Most recent CVE Modification Timestamp synchronized with NVD

 ```plain
-2024-05-05T03:15:07.340000+00:00
+2024-05-05T05:15:06.530000+00:00
 ```

 ### Last Data Feed Release
@ -33,30 +33,20 @@ Download and Changelog: [Click](https://github.com/fkie-cad/nvd-json-data-feeds/
 ### Total Number of included CVEs

 ```plain
-248613
+248614
 ```

 ### CVEs added in the last Commit

-Recently added CVEs: `8`
+Recently added CVEs: `1`

- [CVE-2024-34483](CVE-2024/CVE-2024-344xx/CVE-2024-34483.json) (`2024-05-05T02:15:06.613`)
- [CVE-2024-34484](CVE-2024/CVE-2024-344xx/CVE-2024-34484.json) (`2024-05-05T02:15:07.187`)
- [CVE-2024-34486](CVE-2024/CVE-2024-344xx/CVE-2024-34486.json) (`2024-05-05T03:15:07.120`)
- [CVE-2024-34487](CVE-2024/CVE-2024-344xx/CVE-2024-34487.json) (`2024-05-05T03:15:07.167`)
- [CVE-2024-34488](CVE-2024/CVE-2024-344xx/CVE-2024-34488.json) (`2024-05-05T03:15:07.207`)
- [CVE-2024-34489](CVE-2024/CVE-2024-344xx/CVE-2024-34489.json) (`2024-05-05T03:15:07.250`)
- [CVE-2024-34490](CVE-2024/CVE-2024-344xx/CVE-2024-34490.json) (`2024-05-05T03:15:07.293`)
- [CVE-2024-4493](CVE-2024/CVE-2024-44xx/CVE-2024-4493.json) (`2024-05-05T03:15:07.340`)
+- [CVE-2024-4494](CVE-2024/CVE-2024-44xx/CVE-2024-4494.json) (`2024-05-05T05:15:06.530`)


 ### CVEs modified in the last Commit

-Recently modified CVEs: `3`
+Recently modified CVEs: `0`

- [CVE-2024-22373](CVE-2024/CVE-2024-223xx/CVE-2024-22373.json) (`2024-05-05T03:15:06.740`)
- [CVE-2024-22391](CVE-2024/CVE-2024-223xx/CVE-2024-22391.json) (`2024-05-05T03:15:06.950`)
- [CVE-2024-25569](CVE-2024/CVE-2024-255xx/CVE-2024-25569.json) (`2024-05-05T03:15:07.033`)


 ## Download and Usage
--- a/_state.csv
+++ b/_state.csv
@ -242163,7 +242163,7 @@ CVE-2024-2237,0,0,95217e309830b6a01494ecd2c39d8ef034463910771c1bc92cd3bee697f61f
 CVE-2024-22370,0,0,13df6251176042b21f4cc7eccb2248918a53b76e3179e3ca6bd1e1e82fbd0a45,2024-01-12T19:29:18.790000
 CVE-2024-22371,0,0,4bde0f360e03417565b1053dc8e4d6f3c0a609d9b4bebdd79ac08f66edab383f,2024-02-26T16:32:25.577000
 CVE-2024-22372,0,0,b1b41923d4d5e3a62f9aafb5eb6f291d0486263d2806b04c051fd8c8c54bfad1,2024-01-30T22:17:49.987000
-CVE-2024-22373,0,1,335e31983512bb047b0b0675b05e42b4dcf880eb56ab5a7f58f3d5a0599ff4db,2024-05-05T03:15:06.740000
+CVE-2024-22373,0,0,335e31983512bb047b0b0675b05e42b4dcf880eb56ab5a7f58f3d5a0599ff4db,2024-05-05T03:15:06.740000
 CVE-2024-2238,0,0,afd0d461b63ffbf0cdec79f63894ae69a7d59a0b22846a34ff25432e2a9728b9,2024-03-13T18:15:58.530000
 CVE-2024-22380,0,0,fbb17e03b7392116b029e62cf5fc227ae3083f2acc9171774ca51468933ea1b7,2024-01-30T22:14:24.967000
 CVE-2024-22383,0,0,810a6e86f28ef493260b232f9a886a5828bc2cb5687e22ad7a4e8bfc9a3765be,2024-03-05T13:41:01.900000
@ -242171,7 +242171,7 @@ CVE-2024-22386,0,0,9bb868760c88683007f1f54485a980666afe5aeeb8bc008d8d811fea3dbfe
 CVE-2024-22388,0,0,da7359316abb172866812a3012c9f9fa4c74a86ab41d23e55880cf90ab42d985,2024-02-14T20:59:09.660000
 CVE-2024-22389,0,0,96781b551653662b24bed6c6167841567f0e5e4776b3fb44064036280367773a,2024-02-14T18:04:45.380000
 CVE-2024-2239,0,0,39e7f275af33a75dc9ccc5324d6f8398d75467c16638ade753370c3004c45df2,2024-03-13T18:15:58.530000
-CVE-2024-22391,0,1,62341b5152aa1a774d6fbe2b0ec3f90eb73f70a9c84602a13eb88c5ee62936fb,2024-05-05T03:15:06.950000
+CVE-2024-22391,0,0,62341b5152aa1a774d6fbe2b0ec3f90eb73f70a9c84602a13eb88c5ee62936fb,2024-05-05T03:15:06.950000
 CVE-2024-22393,0,0,baae8029e1587725a02d8ccb1fb298e540bb69b478da7728d31a9731926e8718,2024-02-22T19:07:27.197000
 CVE-2024-22394,0,0,fdf2846817bf0321d479c4aa67f29d797db24255733cd4d946cc68e44bfccdc7,2024-02-14T21:46:40.537000
 CVE-2024-22395,0,0,6711e106c8c4c38c682ec5a4d729c0e15c9677b5ef0302671313a8f4838fafc1,2024-02-26T13:42:22.567000
@ -243788,7 +243788,7 @@ CVE-2024-25559,0,0,b710ef2f87d2510e81b25ebbc4243b848284fc64bfa4b8a44d47d25b0e965
 CVE-2024-2556,0,0,5a3397ecc5fdef519ab75d3f33842b25dc006ffb41e1f908e35adb09560e9ffb,2024-04-11T01:25:27.740000
 CVE-2024-25567,0,0,bbb8c64eb3dcee3e8e89951734f837d0c3bea66c11459a30529f4c9133593805,2024-03-22T12:45:36.130000
 CVE-2024-25568,0,0,64eb53482937f270c14cf377745a1f7d8d5cbc3555eb58e76e7de7c26a9505c7,2024-04-04T12:48:41.700000
-CVE-2024-25569,0,1,4638448a8546825fa9e00c3ff94a077ca9cbdaa5d8882a201d353ede23041668,2024-05-05T03:15:07.033000
+CVE-2024-25569,0,0,4638448a8546825fa9e00c3ff94a077ca9cbdaa5d8882a201d353ede23041668,2024-05-05T03:15:07.033000
 CVE-2024-2557,0,0,a617119e7aec654c68da3fc71fccd99356ed7ca0eba1b1243e2bc71d72e1c32e,2024-04-11T01:25:27.817000
 CVE-2024-25572,0,0,6916ce68d4646365d0578802b2b08ffd76a62b8c07df1314570c90fc1d876f93,2024-04-11T12:47:44.137000
 CVE-2024-25574,0,0,4bc8d3cd97ad31d3dfd232c462a09dc1924d30756dc7bfcb27690950ff1edfb2,2024-04-02T12:50:42.233000
@ -248184,13 +248184,13 @@ CVE-2024-34475,0,0,6d15b8802e8fdca4ed6de8bd66b22656a821aaf6a03846ed9f14e3cfba217
 CVE-2024-34476,0,0,080fd3199e7767d2604a8ad76aea3cfaabea2a6a6f2dc48e4f3aca329564a314,2024-05-05T00:15:07.330000
 CVE-2024-34478,0,0,7055801c725171449aba74dfd627b6519bc998620f36504f7dc9a72128f044cf,2024-05-05T01:15:06.320000
 CVE-2024-3448,0,0,38511310080ef6cbfb33c1721e41ad41c6df0877e6ffcdbf14f478fa1ea7a673,2024-04-10T19:49:51.183000
-CVE-2024-34483,1,1,64d76cddebbf230e042224695269d7958cf3517b58aa8d9cec328afe2b002848,2024-05-05T02:15:06.613000
-CVE-2024-34484,1,1,a282f33a989a75ed324be1c61135db75310ab251536af758df78ce69e5b6c0cd,2024-05-05T02:15:07.187000
-CVE-2024-34486,1,1,121e9a598aceb08daf45443cb76c473d842fe9badc069ef5c92ea537b384810b,2024-05-05T03:15:07.120000
-CVE-2024-34487,1,1,6dfc3b7d0ace36ecae8ca020760cfdbd59942f34bccc73b55840c2a8713d05c1,2024-05-05T03:15:07.167000
-CVE-2024-34488,1,1,b1f23c5509e45c2bd9e4aabf7ce16a9c4aedf5e72ad79f15b2aa755b46e07ef0,2024-05-05T03:15:07.207000
-CVE-2024-34489,1,1,0cf37a67d279584b0ad86d17ca2dda407970ab9e93e91085f27b5c3b02c22b28,2024-05-05T03:15:07.250000
-CVE-2024-34490,1,1,27e9620568057cf2edd135f7d5749d2da00c288109019cdd5ae1fb06fa94c5d4,2024-05-05T03:15:07.293000
+CVE-2024-34483,0,0,64d76cddebbf230e042224695269d7958cf3517b58aa8d9cec328afe2b002848,2024-05-05T02:15:06.613000
+CVE-2024-34484,0,0,a282f33a989a75ed324be1c61135db75310ab251536af758df78ce69e5b6c0cd,2024-05-05T02:15:07.187000
+CVE-2024-34486,0,0,121e9a598aceb08daf45443cb76c473d842fe9badc069ef5c92ea537b384810b,2024-05-05T03:15:07.120000
+CVE-2024-34487,0,0,6dfc3b7d0ace36ecae8ca020760cfdbd59942f34bccc73b55840c2a8713d05c1,2024-05-05T03:15:07.167000
+CVE-2024-34488,0,0,b1f23c5509e45c2bd9e4aabf7ce16a9c4aedf5e72ad79f15b2aa755b46e07ef0,2024-05-05T03:15:07.207000
+CVE-2024-34489,0,0,0cf37a67d279584b0ad86d17ca2dda407970ab9e93e91085f27b5c3b02c22b28,2024-05-05T03:15:07.250000
+CVE-2024-34490,0,0,27e9620568057cf2edd135f7d5749d2da00c288109019cdd5ae1fb06fa94c5d4,2024-05-05T03:15:07.293000
 CVE-2024-3455,0,0,18e948f1ff2182718852b2ba697f0fa9a8598811bb1c2e87509c3bd543b90a57,2024-04-11T01:26:03.233000
 CVE-2024-3456,0,0,944b33373fddc7621692e3fce6708723c7abc962139d88da65ad0c4ce610f104,2024-04-11T01:26:03.310000
 CVE-2024-3457,0,0,eda30bdfb17395ab91987b75a43f4990cc086dc3cfa77a90fc0cb388efd5e793,2024-04-11T01:26:03.387000
@ -248611,4 +248611,5 @@ CVE-2024-4461,0,0,7ca39b07094b9badd740410c9408db11fe23a2c272b945e9ccd422d33b255a
 CVE-2024-4466,0,0,362cf34285ea8ef22c0a4fe2e518499aaa4b8f79660cea3c0f457b3e58b9b244,2024-05-03T12:48:41.067000
 CVE-2024-4491,0,0,1a5f27745a8ec08a1f5e0f9da2e27810b92785adfe2d2b033360b45433bcec4d,2024-05-05T00:15:07.373000
 CVE-2024-4492,0,0,72bc77517605f09c5f3e213fe18a8865c1b53bc716567914b7b9811d99f30cf4,2024-05-05T01:15:06.380000
-CVE-2024-4493,1,1,452f980ebde7ab116c58469620b973db22a5877b1be66e7c1bf628255b6367cb,2024-05-05T03:15:07.340000
+CVE-2024-4493,0,0,452f980ebde7ab116c58469620b973db22a5877b1be66e7c1bf628255b6367cb,2024-05-05T03:15:07.340000
+CVE-2024-4494,1,1,433523d64129d02a2b7149cafb8e75a95864081fb6f1470373bea729561d333c,2024-05-05T05:15:06.530000