CVE-2024-0930
Published: 26 January 2024
Summary
CVE-2024-0930 is a medium-severity stack-based buffer overflow (CWE-121) vulnerability in Tenda AC10U firmware. Its CVSS base score is 4.7 (Medium).
Operationally, exploitation aligns with the MITRE ATT&CK technique Exploit Public-Facing Application (T1190). The CVE ranks in the top 8.1% of CVEs by exploit likelihood, is not currently listed in the CISA KEV catalog, and has a public proof-of-concept referenced.
Deeper analysis
A stack-based buffer overflow vulnerability (CWE-121) exists in the fromSetWirelessRepeat function of Tenda AC10U firmware version 15.03.06.49_multi_TDE01. The issue stems from unsanitized input to the wpapsk_crypto argument and has been assigned CVE-2024-0930 with a CVSS 3.1 score of 4.7.
An authenticated administrator can trigger the flaw remotely over the network. Successful exploitation may allow limited corruption of memory on the device, though the CVSS vector restricts impact to partial effects on confidentiality, integrity, and availability.
Public proof-of-concept code has been published on GitHub, and the vulnerability record notes that the vendor was contacted prior to disclosure but provided no response or patch information. The associated EPSS score remains flat at 0.0734 with no material increase observed after publication.
EU & UK References
- 🇪🇺 ENISA EUVD: EUVD-2024-16711
Vulnerability details
A vulnerability classified as critical has been found in Tenda AC10U 15.03.06.49_multi_TDE01. This affects the function fromSetWirelessRepeat. The manipulation of the argument wpapsk_crypto leads to stack-based buffer overflow. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-252135. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.
Related Threats
MITRE ATT&CK Enterprise Techniques
Why these techniques?
The stack-based buffer overflow in the router's web management function fromSetWirelessRepeat (wpapsk_crypto parameter) is remotely exploitable, enabling adversaries to exploit a public-facing application for initial access, potentially leading to remote code execution.
Mitigating Controls
No mitigating controls mapped yet. The per-CVE control annotator has not reached this CVE.