CVE-2024-34943 - Vulnerability Details - OpenCVE

Tenda FH1206 V1.2.0.8(8155)_EN was discovered to contain a stack-based buffer overflow vulnerability via the page parameter at ip/goform/NatStaticSetting.

No CVSS v4.0

Attack Vector Network

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact High

Integrity Impact High

Availability Impact High

User Interaction None

No CVSS v3.0

No CVSS v2

This CVE is not in the KEV list.

Exploitation poc

Automatable yes

Technical Impact total

Vendors	Products
Tenda	Fh1206 Firmware

No data.

No data.

References

Link	Providers
https://palm-vertebra-fe9.notion.site/fromNatStaticSetting-fae26e1bfbe64b49a46230a629b6d198

History

No history.

MITRE

Status: PUBLISHED

Assigner: mitre

Published: 2024-05-10T12:51:20.301Z

Updated: 2025-02-13T15:53:40.730Z

Reserved: 2024-05-09T00:00:00.000Z

Link: CVE-2024-34943

Vulnrichment

Updated: 2024-08-02T02:59:22.623Z

NVD

Status : Awaiting Analysis

Published: 2024-05-14T15:39:38.153

Modified: 2024-11-21T09:19:35.537

Link: CVE-2024-34943

Redhat

No data.

{"dataType": "CVE_RECORD", "cveMetadata": {"state": "PUBLISHED", "cveId": "CVE-2024-34943", "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "dateUpdated": "2025-02-13T15:53:40.730Z", "datePublished": "2024-05-10T12:51:20.301Z", "dateReserved": "2024-05-09T00:00:00.000Z"}, "containers": {"cna": {"providerMetadata": {"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre", "dateUpdated": "2024-05-10T12:51:20.632Z"}, "descriptions": [{"lang": "en", "value": "Tenda FH1206 V1.2.0.8(8155)_EN was discovered to contain a stack-based buffer overflow vulnerability via the page parameter at ip/goform/NatStaticSetting."}], "affected": [{"vendor": "n/a", "product": "n/a", "versions": [{"version": "n/a", "status": "affected"}]}], "references": [{"url": "https://palm-vertebra-fe9.notion.site/fromNatStaticSetting-fae26e1bfbe64b49a46230a629b6d198"}], "problemTypes": [{"descriptions": [{"type": "text", "lang": "en", "description": "n/a"}]}]}, "adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 9.8, "attackVector": "NETWORK", "baseSeverity": "CRITICAL", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "HIGH"}}, {"other": {"type": "ssvc", "content": {"id": "CVE-2024-34943", "role": "CISA Coordinator", "options": [{"Exploitation": "poc"}, {"Automatable": "yes"}, {"Technical Impact": "total"}], "version": "2.0.3", "timestamp": "2024-05-21T18:33:38.520520Z"}}}], "affected": [{"cpes": ["cpe:2.3:a:tenda:fh1206_firmware:-:*:*:*:*:*:*:*"], "vendor": "tenda", "product": "fh1206_firmware", "versions": [{"status": "affected", "version": "1.2.0.8(8155)_EN"}], "defaultStatus": "unknown"}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-121", "description": "CWE-121 Stack-based Buffer Overflow"}]}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-06-04T17:42:13.961Z"}}, {"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-02T02:59:22.623Z"}, "title": "CVE Program Container", "references": [{"url": "https://palm-vertebra-fe9.notion.site/fromNatStaticSetting-fae26e1bfbe64b49a46230a629b6d198", "tags": ["x_transferred"]}]}]}, "dataVersion": "5.1"}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CVE Program Container", "references": [{"url": "https://palm-vertebra-fe9.notion.site/fromNatStaticSetting-fae26e1bfbe64b49a46230a629b6d198", "tags": ["x_transferred"]}], "providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-02T02:59:22.623Z"}}, {"metrics": [{"cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 9.8, "attackVector": "NETWORK", "baseSeverity": "CRITICAL", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "HIGH"}}, {"other": {"type": "ssvc", "content": {"id": "CVE-2024-34943", "role": "CISA Coordinator", "options": [{"Exploitation": "poc"}, {"Automatable": "yes"}, {"Technical Impact": "total"}], "version": "2.0.3", "timestamp": "2024-05-21T18:33:38.520520Z"}}}], "affected": [{"cpes": ["cpe:2.3:a:tenda:fh1206_firmware:-:*:*:*:*:*:*:*"], "vendor": "tenda", "product": "fh1206_firmware", "versions": [{"status": "affected", "version": "1.2.0.8(8155)_EN"}], "defaultStatus": "unknown"}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-121", "description": "CWE-121 Stack-based Buffer Overflow"}]}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-05-21T18:28:23.775Z"}, "title": "CISA ADP Vulnrichment"}], "cna": {"affected": [{"vendor": "n/a", "product": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "references": [{"url": "https://palm-vertebra-fe9.notion.site/fromNatStaticSetting-fae26e1bfbe64b49a46230a629b6d198"}], "descriptions": [{"lang": "en", "value": "Tenda FH1206 V1.2.0.8(8155)_EN was discovered to contain a stack-based buffer overflow vulnerability via the page parameter at ip/goform/NatStaticSetting."}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "text", "description": "n/a"}]}], "providerMetadata": {"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre", "dateUpdated": "2024-05-10T12:51:20.632Z"}}}, "cveMetadata": {"cveId": "CVE-2024-34943", "state": "PUBLISHED", "dateUpdated": "2025-02-13T15:53:40.730Z", "dateReserved": "2024-05-09T00:00:00.000Z", "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "datePublished": "2024-05-10T12:51:20.301Z", "assignerShortName": "mitre"}, "dataVersion": "5.1"}