CVE-2024-10280
Tenda AC6/AC7/AC8/AC9/AC10/AC10U/AC15/AC18/AC500/AC1206 GetIPTV websReadEvent null pointer dereference
Severity Score
7.1
*CVSS v4
Exploit Likelihood
*EPSS
Affected Versions
*CPE
Public Exploits
1
*Multiple Sources
Exploited in Wild
-
*KEV
Decision
Track*
*SSVC
Descriptions
A vulnerability was found in Tenda AC6, AC7, AC8, AC9, AC10, AC10U, AC15, AC18, AC500 and AC1206 up to 20241022. It has been rated as problematic. This issue affects the function websReadEvent of the file /goform/GetIPTV. The manipulation of the argument Content-Length leads to null pointer dereference. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used.
Eine Schwachstelle wurde in Tenda AC6, AC7, AC8, AC9, AC10, AC10U, AC15, AC18, AC500 and AC1206 bis 20241022 ausgemacht. Sie wurde als problematisch eingestuft. Davon betroffen ist die Funktion websReadEvent der Datei /goform/GetIPTV. Durch Beeinflussen des Arguments Content-Length mit unbekannten Daten kann eine null pointer dereference-Schwachstelle ausgenutzt werden. Der Angriff kann über das Netzwerk erfolgen. Der Exploit steht zur öffentlichen Verfügung.
*Credits:
minipython
CVSS Scores
Attack Vector
Attack Complexity
Attack Requirements
Privileges Required
User Interaction
System
Vulnerable | Subsequent
Confidentiality
Integrity
Availability
Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality
Integrity
Availability
Attack Vector
Attack Complexity
Authentication
Confidentiality
Integrity
Availability
* Common Vulnerability Scoring System
SSVC
- Decision:Track*
Exploitation
Automatable
Tech. Impact
* Organization's Worst-case Scenario
Timeline
- 2024-10-23 CVE Reserved
- 2024-10-23 CVE Published
- 2024-10-23 CVE Updated
- 2024-10-23 First Exploit
- 2024-11-02 EPSS Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
CWE
- CWE-476: NULL Pointer Dereference
CAPEC
References (4)
| URL | Tag | Source |
|---|---|---|
| https://vuldb.com/?id.281555 | Technical Description | |
| https://vuldb.com/?submit.426417 | Third Party Advisory | |
| https://www.tenda.com.cn | Product |
| URL | Date | SRC |
|---|---|---|
| https://github.com/JohenanLi/router_vuls/blob/main/websReadEvent/websReadEvent.md | 2024-10-23 |
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|
Affected Vendors, Products, and Versions
| Vendor | Product | Version | Other | Status | ||||||
|---|---|---|---|---|---|---|---|---|---|---|
| Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
| Tenda Search vendor "Tenda" | Ac10u Firmware Search vendor "Tenda" for product "Ac10u Firmware" | * | - |
Affected
| ||||||
| Tenda Search vendor "Tenda" | Ac18 Search vendor "Tenda" for product "Ac18" | * | - |
Affected
| ||||||
| Tenda Search vendor "Tenda" | Ac8 Firmware Search vendor "Tenda" for product "Ac8 Firmware" | * | - |
Affected
| ||||||
| Tenda Search vendor "Tenda" | Ac10 Search vendor "Tenda" for product "Ac10" | * | - |
Affected
| ||||||
| Tenda Search vendor "Tenda" | Ac10u Search vendor "Tenda" for product "Ac10u" | * | - |
Affected
| ||||||
| Tenda Search vendor "Tenda" | Ac1206 Search vendor "Tenda" for product "Ac1206" | * | - |
Affected
| ||||||
| Tenda Search vendor "Tenda" | Ac15 Search vendor "Tenda" for product "Ac15" | * | - |
Affected
| ||||||
| Tenda Search vendor "Tenda" | Ac500 Search vendor "Tenda" for product "Ac500" | * | - |
Affected
| ||||||
| Tenda Search vendor "Tenda" | Ac6 Search vendor "Tenda" for product "Ac6" | * | - |
Affected
| ||||||
| Tenda Search vendor "Tenda" | Ac7 Search vendor "Tenda" for product "Ac7" | * | - |
Affected
| ||||||
| Tenda Search vendor "Tenda" | Ac8 Search vendor "Tenda" for product "Ac8" | * | - |
Affected
| ||||||
| Tenda Search vendor "Tenda" | Ac9 Search vendor "Tenda" for product "Ac9" | * | - |
Affected
| ||||||
| Tenda Search vendor "Tenda" | Ac10 Firmware Search vendor "Tenda" for product "Ac10 Firmware" | * | - |
Affected
| ||||||
| Tenda Search vendor "Tenda" | Ac10u Firmware Search vendor "Tenda" for product "Ac10u Firmware" | * | - |
Affected
| ||||||
| Tenda Search vendor "Tenda" | Ac1206 Firmware Search vendor "Tenda" for product "Ac1206 Firmware" | * | - |
Affected
| ||||||
| Tenda Search vendor "Tenda" | Ac15 Firmware Search vendor "Tenda" for product "Ac15 Firmware" | * | - |
Affected
| ||||||
| Tenda Search vendor "Tenda" | Ac18 Firmware Search vendor "Tenda" for product "Ac18 Firmware" | * | - |
Affected
| ||||||
| Tenda Search vendor "Tenda" | Ac500 Firmware Search vendor "Tenda" for product "Ac500 Firmware" | * | - |
Affected
| ||||||
| Tenda Search vendor "Tenda" | Ac6 Firmware Search vendor "Tenda" for product "Ac6 Firmware" | * | - |
Affected
| ||||||
| Tenda Search vendor "Tenda" | Ac7 Firmware Search vendor "Tenda" for product "Ac7 Firmware" | * | - |
Affected
| ||||||
| Tenda Search vendor "Tenda" | Ac8 Firmware Search vendor "Tenda" for product "Ac8 Firmware" | * | - |
Affected
| ||||||
| Tenda Search vendor "Tenda" | Ac9 Firmware Search vendor "Tenda" for product "Ac9 Firmware" | * | - |
Affected
| ||||||