CVE Catalog

CVE-2024-52714

CriticalCVSS 9.8
Published: Updated: Translated: NVD NIST

Exploitation Probability (EPSS)

Low risk
0.54%

42th percentile - higher than 42% of all known CVEs

Summary

A buffer overflow vulnerability was discovered in the 'fromSetSysTime' function of Tenda AC6 v2.0 router with firmware v15.03.06.50. An attacker could exploit this flaw to execute arbitrary code or cause a denial of service.

Risk Assessment

The risk involves potential remote code execution by an unauthenticated attacker, leading to full compromise of the router and the local network.

Recommendation

Immediately update the Tenda AC6 firmware to the latest patched version if available. If no patch exists, restrict remote access to the management interface.

Original NVD description (English source)

Tenda AC6 v2.0 v15.03.06.50 was discovered to contain a buffer overflow in the function 'fromSetSysTime.

Vulnerability data from NVD (NIST) · CISA KEV · EPSS