cve,link,title,description,vendor,products,score,severity,epss,cisa,cisa_published,article,ransomware,exploited,exploited_date,poc,trended,trended_no_1,trended_no_1_date,published,trended_score
CVE-2024-4244,https://securityvulnerability.io/vulnerability/CVE-2024-4244,Remote Stack-Based Buffer Overflow in Tenda W9 Router,"A critical vulnerability has been identified in the Tenda W9 router, specifically in the function fromDhcpSetSer within the /goform/DhcpSetSer file. This issue allows an attacker to exploit a stack-based buffer overflow by manipulating DHCP-related arguments, including dhcpStartIp, dhcpEndIp, dhcpGw, dhcpMask, dhcpLeaseTime, dhcpDns1, and dhcpDns2. The vulnerability can be exploited remotely, making it particularly dangerous. Publicly disclosed and unaddressed by the vendor, it raises serious security concerns for users of the affected version 1.0.0.7 (4456). Immediate action is recommended to mitigate potential risks.",Tenda,W9 Firmware,8.8,HIGH,0.0022100000642240047,false,,false,false,false,,,false,false,,2024-04-26T22:15:00.000Z,0
CVE-2024-4243,https://securityvulnerability.io/vulnerability/CVE-2024-4243,Stack-based Buffer Overflow Vulnerability in Tenda W9 WiFi Router,"The Tenda W9 WiFi router version 1.0.0.7 contains a stack-based buffer overflow vulnerability in the formwrlSSIDset function, located in the /goform/wifiSSIDset file. By manipulating the ssidIndex argument, an attacker can exploit this vulnerability remotely, allowing unauthorized access to critical system resources. This vulnerability has been publicly disclosed, increasing the risk of potential exploitation. The vendor, Tenda, has been notified about this issue, but there has been no response or acknowledgment. Users are strongly advised to take immediate action to safeguard their systems until a patch can be provided.",Tenda,W9 Firmware,8.8,HIGH,0.0022100000642240047,false,,false,false,false,,,false,false,,2024-04-26T22:15:00.000Z,0
CVE-2024-4241,https://securityvulnerability.io/vulnerability/CVE-2024-4241,Buffer Overflow Vulnerability in Tenda W9 Router,"A significant security flaw has been identified in the Tenda W9 router, specifically affecting version 1.0.0.7(4456). This vulnerability is characterized by a stack-based buffer overflow in the function formQosManageDouble_auto. When the ssidIndex argument is manipulated, it opens the door for remote attackers to execute potentially harmful code, compromising the router's integrity and the network it supports. It is important to note that despite earlier notifications, Tenda has not responded to this disclosure, highlighting a pressing need for users to remain vigilant and apply appropriate security measures.",Tenda,W9 Firmware,8.8,HIGH,0.0022100000642240047,false,,false,false,false,,,false,false,,2024-04-26T21:15:00.000Z,0
CVE-2024-4242,https://securityvulnerability.io/vulnerability/CVE-2024-4242,Stack-Based Buffer Overflow in Tenda W9 Router,"A serious vulnerability has been identified in the Tenda W9 router, specifically in the function formwrlSSIDget within the file /goform/wifiSSIDget. This vulnerability arises from improper handling of the ssidIndex argument, leading to a stack-based buffer overflow. Remote attackers could exploit this weakness to execute arbitrary code on the device, potentially compromising the network. The exploit was publicly disclosed, indicating that it may be actively targeted by cybercriminals. Users of affected Tenda W9 routers are advised to apply security measures and stay informed about any patches or updates from Tenda.",Tenda,W9 Firmware,8.8,HIGH,0.0022100000642240047,false,,false,false,false,,,false,false,,2024-04-26T21:15:00.000Z,0
CVE-2024-4240,https://securityvulnerability.io/vulnerability/CVE-2024-4240,Stack-based Buffer Overflow Vulnerability in Tenda W9,"A remote exploitable vulnerability has been discovered in the Tenda W9 router, specifically in the formQosManageDouble_user function. The flaw arises from improper handling of the ssidIndex argument, which can lead to a stack-based buffer overflow, allowing an attacker to execute arbitrary code. This vulnerability highlights potential security weaknesses in IoT devices, urging users to implement necessary security measures to safeguard their networks.",Tenda,W9 Firmware,8.8,HIGH,0.0022100000642240047,false,,false,false,false,,,false,false,,2024-04-26T21:15:00.000Z,0
CVE-2024-0542,https://securityvulnerability.io/vulnerability/CVE-2024-0542,Tenda W9 httpd formWifiMacFilterGet stack-based overflow,"A stack-based buffer overflow vulnerability exists in the Tenda W9, specifically within the formWifiMacFilterGet function of the httpd component. This vulnerability arises due to improper handling of the argument index, enabling attackers to potentially execute arbitrary code remotely. The exploit has been publicly disclosed, increasing the urgency for users to secure their devices. Despite attempts to contact the vendor for mitigating actions, there has been no response. Users are advised to remain vigilant and consider implementing security best practices to protect their devices.",Tenda,W9,9.8,CRITICAL,0.02102999947965145,false,,false,false,true,2024-01-15T05:00:07.000Z,true,false,false,,2024-01-15T05:00:07.333Z,0
CVE-2024-0541,https://securityvulnerability.io/vulnerability/CVE-2024-0541,Tenda W9 httpd formAddSysLogRule stack-based overflow,"A stack-based buffer overflow vulnerability has been identified in the Tenda W9 Router version 1.0.0.7, impacting the function formAddSysLogRule within the httpd component. The flaw arises from improper handling of the sysRulenEn argument, allowing remote attackers to exploit this vulnerability. Given that the exploit for this vulnerability has been publicized, affected users should take immediate steps to secure their devices against potential unauthorized access and attacks.",Tenda,W9,9.8,CRITICAL,0.02102999947965145,false,,false,false,true,2024-01-15T05:00:06.000Z,true,false,false,,2024-01-15T05:00:06.027Z,0
CVE-2024-0540,https://securityvulnerability.io/vulnerability/CVE-2024-0540,Tenda W9 httpd formOfflineSet stack-based overflow,"A vulnerability has been identified in the Tenda W9, specifically within the function formOfflineSet of the httpd component. This flaw arises from improper handling of the ssidIndex argument, which can lead to a stack-based buffer overflow. Given the nature of the vulnerability, it can be exploited remotely, potentially allowing attackers to execute arbitrary code or cause denial of service. As the exploit is publicly disclosed, it is crucial for users of the affected Tenda W9 version to take immediate action to mitigate risks associated with this security issue.",Tenda,W9,9.8,CRITICAL,0.02102999947965145,false,,false,false,true,2024-01-15T04:31:05.000Z,true,false,false,,2024-01-15T04:31:05.060Z,0
CVE-2024-0539,https://securityvulnerability.io/vulnerability/CVE-2024-0539,Tenda W9 httpd formQosManage_user stack-based overflow,"The vulnerability within the Tenda W9 router specifically affects the formQosManage_user function of its httpd component, where improper handling of the ssidIndex argument leads to a stack-based buffer overflow. This flaw allows for remote exploitation, potentially granting attackers unauthorized access to sensitive information or control over the device. Many users remain unaware of this critical issue, which has already been publicly disclosed, highlighting the need for immediate patching or mitigation strategies to safeguard network integrity. The vendor has been notified about the vulnerability, but did not respond, leaving users exposed.",Tenda,W9,9.8,CRITICAL,0.02102999947965145,false,,false,false,true,2024-01-15T04:31:04.000Z,true,false,false,,2024-01-15T04:31:04.023Z,0
CVE-2024-0538,https://securityvulnerability.io/vulnerability/CVE-2024-0538,Tenda W9 httpd formQosManage_auto stack-based overflow,"A vulnerability in the Tenda W9 router version 1.0.0.7(4456) has been identified in the httpd service, specifically within the function formQosManage_auto. This flaw is triggered through improper handling of the ssidIndex argument, resulting in a stack-based buffer overflow. The potential for remote exploitation of this vulnerability poses significant security risks, as an attacker could execute arbitrary code on the affected device. Public disclosure of this issue has heightened concerns over its exploitability, prompting immediate attention from users of the Tenda W9 router model.",Tenda,W9,9.8,CRITICAL,0.02102999947965145,false,,false,false,true,2024-01-15T04:00:06.000Z,true,false,false,,2024-01-15T04:00:06.512Z,0
CVE-2024-0537,https://securityvulnerability.io/vulnerability/CVE-2024-0537,Tenda W9 httpd setWrlBasicInfo stack-based overflow,"The Tenda W9 device has been identified to contain a vulnerability within the httpd component, specifically in the setWrlBasicInfo function. An attack vector exists that allows for remote manipulation of the ssidIndex argument, which can trigger a stack-based buffer overflow. This vulnerability facilitates potential unauthorized access and control over the device, raising significant concerns regarding the integrity and security of networks utilizing the Tenda W9 model. As of now, the vendor has been notified about this security issue but has not provided any public acknowledgment or response.",Tenda,W9,8.8,HIGH,0.02102999947965145,false,,false,false,true,2024-01-15T04:00:05.000Z,true,false,false,,2024-01-15T04:00:05.361Z,0
CVE-2024-0536,https://securityvulnerability.io/vulnerability/CVE-2024-0536,Tenda W9 httpd setWrlAccessList stack-based overflow,"A vulnerability exists in the Tenda W9 1.0.0.7, specifically within the setWrlAccessList function of the httpd component. The issue arises from improper handling of the ssidIndex argument, leading to a stack-based buffer overflow. This weakness allows for potential remote exploitation, enabling attackers to execute arbitrary code. Despite early notification of the vulnerability to the vendor, Tenda did not respond. As the exploit has been publicly disclosed, it poses a significant risk to users of the affected product.",Tenda,W9,9.8,CRITICAL,0.02102999947965145,false,,false,false,true,2024-01-15T03:31:03.000Z,true,false,false,,2024-01-15T03:31:03.398Z,0