cve,link,title,description,vendor,products,score,severity,epss,cisa,article,ransomware,exploited,poc,trended,trended_no_1,published,trended_score
CVE-2024-7152,https://securityvulnerability.io/vulnerability/CVE-2024-7152,Stack-based Buffer Overflow in Tenda O3 Router Firmware,"A serious vulnerability has been identified in the Tenda O3 Router firmware version 1.0.0.10(2478). This vulnerability arises from the manipulation of the 'time' argument in the 'fromSafeSetMacFilter' function located in '/goform/setMacFilterList', leading to a stack-based buffer overflow. This issue can be exploited remotely, potentially allowing attackers to execute arbitrary code and compromise system integrity. Despite early notifications to the vendor, no response has been received regarding this exploitation risk. Users are advised to review the firmware and implement necessary security measures to mitigate potential attacks. For further details, refer to the related security advisories.",Tenda,O3,8.8,HIGH,0.0055599999614059925,false,false,false,true,true,false,false,2024-07-27T21:00:06.271Z,0
CVE-2024-7151,https://securityvulnerability.io/vulnerability/CVE-2024-7151,Stack-Based Buffer Overflow in Tenda O3 Network Device,"A critical vulnerability exists in the Tenda O3 with version 1.0.0.10(2478), specifically in the function fromMacFilterSet located within the /goform/setMacFilter file. This flaw enables attackers to manipulate the 'remark' argument, leading to a stack-based buffer overflow, which can be exploited remotely. The disclosure of this vulnerability poses a significant risk as it has been made public, and potential exploits are widely available. To date, there has been no response from Tenda regarding this critical security issue, raising concerns about the future security and support for affected users.",Tenda,O3,9.8,CRITICAL,0.0009899999713525176,false,false,false,true,true,false,false,2024-07-27T20:00:05.233Z,0
CVE-2024-6965,https://securityvulnerability.io/vulnerability/CVE-2024-6965,Stack-Based Buffer Overflow in Tenda O3 Products,"A significant vulnerability has been identified in Tenda O3 version 1.0.0.10, resulting from improper handling of input parameters in the `fromVirtualSet` function. This flaw allows attackers to manipulate the arguments such as ip, localPort, publicPort, and app, leading to a stack-based buffer overflow. Because the vulnerability can be exploited remotely, it poses a severe risk to users, allowing unauthorized access and potential control over the affected device. Despite direct communication to the vendor about this issue, there has been no response, raising concerns about the timely mitigation of this threat. Organizations using Tenda O3 products should take proactive measures to secure their networks against this vulnerability.",Tenda,O3,8.8,HIGH,0.0022100000642240047,false,false,false,true,true,false,false,2024-07-22T01:31:04.351Z,0
CVE-2024-6964,https://securityvulnerability.io/vulnerability/CVE-2024-6964,Stack-Based Buffer Overflow in Tenda O3 Devices,"A critical vulnerability has been identified in Tenda O3 devices, specifically in version 1.0.0.10. The issue resides in the fromDhcpSetSer function, where improper handling of parameters such as dhcpEn, startIP, endIP, preDNS, altDNS, mask, and gateway can lead to a stack-based buffer overflow. This flaw allows attackers to execute arbitrary code remotely, posing significant security risks to users. Despite being disclosed publicly, the vendor has not responded to early notifications regarding this vulnerability. Users are advised to assess their device's security and apply necessary mitigations to safeguard against potential attacks.",Tenda,O3,8.8,HIGH,0.0022100000642240047,false,false,false,true,true,false,false,2024-07-22T01:00:06.939Z,0
CVE-2024-6962,https://securityvulnerability.io/vulnerability/CVE-2024-6962,Buffer Overflow Vulnerability in Tenda O3 Devices,"A serious buffer overflow vulnerability exists in the Tenda O3 device version 1.0.0.10 that could allow remote attackers to manipulate input parameters within the formQosSet function. This stack-based buffer overflow can be triggered through crafted requests, potentially allowing attackers to execute arbitrary code or disrupt device functionality. As the exploit is publicly disclosed, immediate attention and mitigation are recommended for affected users, as the vendor has not yet provided an update or patch for this issue.",Tenda,O3 Firmware1.0.0.10\(2478\),8.8,HIGH,0.0014900000533089042,false,false,false,false,,false,false,2024-07-22T00:15:00.000Z,0
CVE-2024-6963,https://securityvulnerability.io/vulnerability/CVE-2024-6963,Stack-based Buffer Overflow in Tenda O3 Device,"A critical vulnerability has been identified in the Tenda O3 with version 1.0.0.10, wherein the function formexeCommand is susceptible to a stack-based buffer overflow due to improper handling of the cmdinput argument. This critical flaw permits an attacker to execute arbitrary code remotely, potentially compromising the device's integrity and security, making it imperative for users to secure their devices promptly. Despite early notifications, the vendor did not respond regarding the disclosure of this vulnerability, raising concerns about timely security updates in the future. For more detailed insights and indicators, visit the related references.",Tenda,O3 Firmware1.0.0.10\(2478\),8.8,HIGH,0.0022100000642240047,false,false,false,false,,false,false,2024-07-22T00:15:00.000Z,0