CVE-2024-4493 – Tenda i21 formSetAutoPing stack-based overflow
https://notcve.org/view.php?id=CVE-2024-4493
A vulnerability, which was classified as critical, was found in Tenda i21 1.0.0.14(4656). Affected is the function formSetAutoPing. The manipulation of the argument ping1/ping2 leads to stack-based buffer overflow. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. • https://github.com/abcdefg-png/IoT-vulnerable/blob/main/Tenda/i/i21/formSetAutoPing.md https://vuldb.com/?ctiid.263082 https://vuldb.com/?id.263082 https://vuldb.com/?submit.323602 • CWE-121: Stack-based Buffer Overflow •
CVE-2024-4492 – Tenda i21 setStaOffline formOfflineSet stack-based overflow
https://notcve.org/view.php?id=CVE-2024-4492
A vulnerability, which was classified as critical, has been found in Tenda i21 1.0.0.14(4656). This issue affects the function formOfflineSet of the file /goform/setStaOffline. The manipulation of the argument GO/ssidIndex leads to stack-based buffer overflow. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. • https://github.com/abcdefg-png/IoT-vulnerable/blob/main/Tenda/i/i21/formOfflineSet.md https://vuldb.com/?ctiid.263081 https://vuldb.com/?id.263081 https://vuldb.com/?submit.323601 • CWE-121: Stack-based Buffer Overflow •
CVE-2024-4491 – Tenda i21 formGetDiagnoseInfo stack-based overflow
https://notcve.org/view.php?id=CVE-2024-4491
A vulnerability classified as critical was found in Tenda i21 1.0.0.14(4656). This vulnerability affects the function formGetDiagnoseInfo. The manipulation of the argument cmdinput leads to stack-based buffer overflow. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. • https://github.com/abcdefg-png/IoT-vulnerable/blob/main/Tenda/i/i21/formGetDiagnoseInfo.md https://vuldb.com/?ctiid.263080 https://vuldb.com/?id.263080 https://vuldb.com/?submit.323600 • CWE-121: Stack-based Buffer Overflow •
CVE-2024-4252 – Tenda i22 formSetUrlFilterRule stack-based overflow
https://notcve.org/view.php?id=CVE-2024-4252
A vulnerability classified as critical has been found in Tenda i22 1.0.0.3(4687). This affects the function formSetUrlFilterRule. The manipulation of the argument groupIndex leads to stack-based buffer overflow. It is possible to initiate the attack remotely. The associated identifier of this vulnerability is VDB-262143. • https://github.com/abcdefg-png/IoT-vulnerable/blob/main/Tenda/i/i22/formSetUrlFilterRule.md https://vuldb.com/?ctiid.262143 https://vuldb.com/?id.262143 https://vuldb.com/?submit.319840 • CWE-121: Stack-based Buffer Overflow •
CVE-2024-4251 – Tenda i21 DhcpSetSe fromDhcpSetSer stack-based overflow
https://notcve.org/view.php?id=CVE-2024-4251
A vulnerability was found in Tenda i21 1.0.0.14(4656). It has been rated as critical. Affected by this issue is the function fromDhcpSetSer of the file /goform/DhcpSetSe. The manipulation of the argument dhcpStartIp/dhcpEndIp/dhcpGw/dhcpMask/dhcpLeaseTime/dhcpDns1/dhcpDns2 leads to stack-based buffer overflow. The attack may be launched remotely. • https://github.com/abcdefg-png/IoT-vulnerable/blob/main/Tenda/i/i21/fromDhcpSetSer.md https://vuldb.com/?ctiid.262142 https://vuldb.com/?id.262142 https://vuldb.com/?submit.319836 • CWE-121: Stack-based Buffer Overflow •