Tenda FH1206 1.2.0.8 stack-based overflow

A vulnerability was found in Tenda FH1206 1.2.0.8. It has been declared as critical. Affected by this vulnerability is the function fromSafeClientFilter/fromSafeMacFilter/fromSafeUrlFilter. The manipulation leads to stack-based buffer overflow. The CWE definition for the vulnerability is CWE-121. The weakness was published 08/08/2024. The advisory is shared at github.com. This vulnerability is known as CVE-2024-7615. The attack can be launched remotely. Technical details are available. Furthermore, there is an exploit available. The exploit has been disclosed to the public and may be used. The price for an exploit might be around USD $0-$5k at the moment. It is declared as proof-of-concept. It is possible to download the exploit at github.com. We expect the 0-day to have been worth approximately $0-$5k. The vendor was contacted early about this disclosure but did not respond in any way. The vendor was contacted early about this disclosure but did not respond in any way.

Timeline

The analysis of the timeline helps to identify the required approach and handling of single vulnerabilities and vulnerability collections. This overview makes it possible to see less important slices and more severe hotspots at a glance. Initiating immediate vulnerability response and prioritizing of issues is possible.

User

VulDB Mod Team85

Field

price_0day2
cvss3_meta_tempscore2
cvss3_meta_basescore2
cvss2_cna_basescore1
cvss2_cna_ai1

Commit Conf

90%29
99%27
50%13
70%9
80%7

Approve Conf

80%29
90%29
99%27

85 Commits

IDCommitedUserFieldChangeRemarksModerationResponseC
1732335508/22/2024
 VulDB…		price_0day$0-$5ksee exploit price documentation08/22/2024accepted
80
1732335408/22/2024
 VulDB…		cvss3_meta_tempscore8.9see CVSS documentation08/22/2024accepted
80
1732335308/22/2024
 VulDB…		cvss3_meta_basescore9.1see CVSS documentation08/22/2024accepted
80
1732335208/22/2024
 VulDB…		cvss2_cna_basescore9see CVSS documentation08/22/2024accepted
99
1732335108/22/2024
 VulDB…		cvss2_cna_aiCsee CVSS documentation08/22/2024accepted
99
1732335008/22/2024
 VulDB…		cvss2_cna_iiCsee CVSS documentation08/22/2024accepted
99
1732334908/22/2024
 VulDB…		cvss2_cna_ciCsee CVSS documentation08/22/2024accepted
99
1732334808/22/2024
 VulDB…		cvss2_cna_auSsee CVSS documentation08/22/2024accepted
99
1732334708/22/2024
 VulDB…		cvss2_cna_acLsee CVSS documentation08/22/2024accepted
99
1732334608/22/2024
 VulDB…		cvss2_cna_avNsee CVSS documentation08/22/2024accepted
99
1732334508/22/2024
 VulDB…		cvss3_cna_basescore8.8see CVSS documentation08/22/2024accepted
99
1732334408/22/2024
 VulDB…		cvss3_cna_aHsee CVSS documentation08/22/2024accepted
99
1732334308/22/2024
 VulDB…		cvss3_cna_iHsee CVSS documentation08/22/2024accepted
99
1732334208/22/2024
 VulDB…		cvss3_cna_cHsee CVSS documentation08/22/2024accepted
99
1732334108/22/2024
 VulDB…		cvss3_cna_sUsee CVSS documentation08/22/2024accepted
99
1732334008/22/2024
 VulDB…		cvss3_cna_uiNsee CVSS documentation08/22/2024accepted
99
1732333908/22/2024
 VulDB…		cvss3_cna_prLsee CVSS documentation08/22/2024accepted
99
1732333808/22/2024
 VulDB…		cvss3_cna_acLsee CVSS documentation08/22/2024accepted
99
1732333708/22/2024
 VulDB…		cvss3_cna_avNsee CVSS documentation08/22/2024accepted
99
1732333608/22/2024
 VulDB…		cvss3_nvd_basescore9.8nist.gov08/22/2024accepted
99

65 more entries are not shown

🔒 Login Required

You need to signup and login to see more of the remaining 65 results.

PreviousOverviewNext

Interested in the pricing of exploits?

See the underground prices here!