cve,link,title,description,vendor,products,score,severity,epss,cisa,cisa_published,article,ransomware,exploited,exploited_date,poc,trended,trended_no_1,trended_no_1_date,published,trended_score
CVE-2024-4170,https://securityvulnerability.io/vulnerability/CVE-2024-4170,Stack-Based Buffer Overflow in Tenda 4G300 Router,"A severe vulnerability has been discovered in the Tenda 4G300 router model version 1.01.42, specifically within the function sub_429A30. This vulnerability manifests as a stack-based buffer overflow due to improper handling of the argument 'list1'. Attackers can exploit this flaw remotely, allowing unauthorized access and potential control over the device, posing significant risks to user data and network security. Despite early disclosure attempts, the vendor has not responded to address this critical issue. Users are strongly advised to monitor their devices for any signs of exploitation and consider applying necessary mitigations.",Tenda,4g300,8.8,HIGH,0.00788000039756298,false,,false,false,false,,,false,false,,2024-04-25T13:00:06.597Z,0
CVE-2024-4169,https://securityvulnerability.io/vulnerability/CVE-2024-4169,Stack-Based Buffer Overflow in Tenda 4G300,"A significant vulnerability has been identified in the Tenda 4G300 router model 1.01.42, which is susceptible to a stack-based buffer overflow due to improper handling of input arguments in functions sub_42775C and sub_4279CC. This flaw allows an attacker to exploit the device remotely, leading to potential unauthorized access and execution of arbitrary code. Despite early disclosure attempts to inform Tenda about this critical issue, the company has not responded. It is highly recommended for users of the affected product to implement recommended security measures or consider upgrading their device to mitigate this risk. For further details, consult the technical descriptions available from VDB-261988 and related resources.",Tenda,4g300,8.8,HIGH,0.00788000039756298,false,,false,false,false,,,false,false,,2024-04-25T12:31:04.756Z,0
CVE-2024-4168,https://securityvulnerability.io/vulnerability/CVE-2024-4168,Remote Stack-Based Buffer Overflow in Tenda 4G300 Router,"A critical security vulnerability has been identified in the Tenda 4G300 router, specifically affecting version 1.01.42. The flaw resides in the sub_4260F0 function, where improper handling of input arguments can lead to a stack-based buffer overflow. This vulnerability allows remote attackers to exploit the affected system by manipulating the upfilen parameter, potentially leading to arbitrary code execution or device compromise. Despite early disclosure attempts to Tenda, there has been no response from the vendor regarding this serious issue.",Tenda,4g300,8.8,HIGH,0.00788000039756298,false,,false,false,false,,,false,false,,2024-04-25T12:00:06.832Z,0
CVE-2024-4167,https://securityvulnerability.io/vulnerability/CVE-2024-4167,Stack-Based Buffer Overflow in Tenda 4G300 Device,"A critical vulnerability has been identified in the Tenda 4G300 router, specifically affecting version 1.01.42. The issue arises due to improper handling of date and time input parameters within the function sub_422AA4, leading to a stack-based buffer overflow. This flaw can be exploited remotely, allowing attackers to manipulate input arguments for year, month, day, hour, minute, and second to gain unauthorized access or disrupt system operations. Despite early contact attempts, Tenda has not responded to notifications regarding this vulnerability, raising concerns about timely remediation and user safety.",Tenda,4g300,8.8,HIGH,0.00788000039756298,false,,false,false,false,,,false,false,,2024-04-25T12:00:05.316Z,0
CVE-2024-4166,https://securityvulnerability.io/vulnerability/CVE-2024-4166,Stack-based Buffer Overflow in Tenda 4G300,"A critical vulnerability has been identified in the Tenda 4G300 router, specifically in the function sub_41E858 for version 1.01.42. This vulnerability allows attackers to manipulate the 'GO/page' argument, leading to a stack-based buffer overflow. Such exploitation can be initiated remotely, posing significant risks to network security and device integrity. Despite early notifications to Tenda regarding this security flaw, there has been no official response or mitigation from the vendor. It is crucial for users of Tenda products to be aware of this vulnerability and take necessary precautions to safeguard their devices.",Tenda,4g300,8.8,HIGH,0.00788000039756298,false,,false,false,false,,,false,false,,2024-04-25T11:31:06.063Z,0
CVE-2023-38929,https://securityvulnerability.io/vulnerability/CVE-2023-38929,Stack Overflow Vulnerability in Tenda 4G300 by Tenda,"The Tenda 4G300, specifically version v1.01.42, is susceptible to a stack overflow vulnerability. This occurs due to improper handling of input parameters on the /VirtualSer endpoint, potentially allowing an attacker to exploit the device by sending specially crafted requests. Such exploitation could lead to unexpected behaviors or unauthorized access, compromising the overall security and integrity of the device.",Tenda,4g300 Firmware,9.8,CRITICAL,0.001970000099390745,false,,false,false,false,,,false,false,,2023-08-07T00:00:00.000Z,0