cve,link,title,description,vendor,products,score,severity,epss,cisa,article,ransomware,exploited,poc,trended,trended_no_1,published,trended_score
CVE-2024-7581,https://securityvulnerability.io/vulnerability/CVE-2024-7581,Stack-Based Buffer Overflow Vulnerability in Tenda A301,"A significant vulnerability has been identified in the Tenda A301 router, specifically affecting version 15.13.08.12. This flaw lies within the 'formWifiBasicSet' function of the /goform/WifiBasicSet file, where a buffer overflow occurs due to improper handling of the 'security' argument. The remote exploitation of this vulnerability could allow attackers to execute arbitrary code on the affected device, leading to potential unauthorized access and control over the device. Despite prior disclosure attempts to the vendor, there has been no response regarding the mitigation or remediation of this critical risk, raising serious concerns about the security posture of devices running this firmware version.",Tenda,A301 Firmware,9.8,CRITICAL,0.002940000034868717,false,false,false,false,,false,false,2024-08-07T15:15:00.000Z,0
CVE-2024-6403,https://securityvulnerability.io/vulnerability/CVE-2024-6403,Stack-Based Buffer Overflow Vulnerability in Tenda A301,"A serious stack-based buffer overflow vulnerability has been identified in Tenda A301, specifically within the formWifiBasicSet function of the /goform/SetOnlineDevName file. This vulnerability arises due to improper validation of the devName argument, allowing attackers to execute a remote exploit. If leveraged, this vulnerability could lead to severe system compromises. Despite the early disclosure of the issue to Tenda, there has been no acknowledgment or mitigation response from the vendor. Owners of affected devices are strongly advised to review their security measures and consider updating their firmware to safeguard against potential attacks.",Tenda,A301,9.8,CRITICAL,0.0013699999544769526,false,false,false,true,true,false,false,2024-06-28T17:00:07.083Z,0
CVE-2024-6402,https://securityvulnerability.io/vulnerability/CVE-2024-6402,Buffer Overflow Vulnerability in Tenda A301 Router,"A serious buffer overflow vulnerability has been identified in the Tenda A301 router, specifically within the SetOnlineDevName function utilized in the /goform/SetOnlineDevName file. This flaw can be exploited remotely, allowing attackers to craft malicious input that manipulates the devName argument. The buffer overflow could potentially lead to unauthorized access or execution of arbitrary code, compromising the affected device. The vulnerability has been publicly disclosed and no response has been received from the vendor regarding this issue. Immediate action is advised for users of the Tenda A301 to safeguard against possible exploits.",Tenda,A301,9.8,CRITICAL,0.0013699999544769526,false,false,false,true,true,false,false,2024-06-28T17:00:05.443Z,0
CVE-2024-6189,https://securityvulnerability.io/vulnerability/CVE-2024-6189,Stack-Based Buffer Overflow in Tenda A301 Wireless Router,"A critical vulnerability has been identified in the Tenda A301 wireless router, specifically within the 'fromSetWirelessRepeat' function of the '/goform/WifiExtraSet' file. This vulnerability arises from inadequate input validation on the 'wpapsk_crypto' argument, leading to a stack-based buffer overflow. Exploitation can be conducted remotely, potentially allowing unauthorized attackers to manipulate memory and execute arbitrary code on the device. The flaw has been disclosed publicly, raising significant security concerns for users of the affected firmware version 15.13.08.12. Tenda was informed of this issue prior to public disclosure but failed to provide a response, highlighting the urgency for users to assess their device’s security.",Tenda,A301,8.8,HIGH,0.0055599999614059925,false,false,false,true,true,false,false,2024-06-20T14:00:05.817Z,0
CVE-2024-4291,https://securityvulnerability.io/vulnerability/CVE-2024-4291,Stack-Based Buffer Overflow in Tenda A301 Product Line,"A critical vulnerability affecting the Tenda A301 product line has been identified, which allows remote attackers to exploit a stack-based buffer overflow when manipulating the 'deviceList' parameter in the 'formAddMacfilterRule' function within the '/goform/setBlackRule' file. This flaw may lead to unauthorized access and potential control over the device. The flaw has been publicly disclosed, indicating a significant risk for users of the affected version (15.13.08.12_multi_TDE01). Although the vendor was alerted prior to the public disclosure, no response has been recorded, leaving users vulnerable to potential exploitation.",Tenda,A301,8.8,HIGH,0.00044999999227002263,false,false,false,true,true,false,false,2024-04-27T20:00:07.538Z,0