Vulnerability Details CVE-2024-10662
A vulnerability was found in Tenda AC15 15.03.05.19 and classified as critical. This issue affects the function formSetDeviceName of the file /goform/SetOnlineDevName. The manipulation of the argument devName leads to stack-based buffer overflow. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.002
EPSS Ranking 55.2%
CVSS Severity
CVSS v3 Score 8.8
CVSS v2 Score 9.0
Products affected by CVE-2024-10662
-
-
cpe:2.3:o:tenda:ac15_firmware:15.03.05.19